The Shadowserver FoundationWe added Fortinet SSL-VPN CVE-2020-12812 to our daily Vulnerable HTTP Report: https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/
After 5 1/2 years since being published still over 10K Fortinet firewalls remain unpatched. Vuln actively exploited as recently highlighted by Fortinet: https://www.fortinet.com/blog/psirt-blogs/product-security-advisory-and-analysis-observed-abuse-of-fg-ir-19-283
CVE-2020-12812 is also on @cisacyber KEV.
Dashboard World Map view:
https://dashboard.shadowserver.org/statistics/combined/map/?date_range=1&map_type=std&source=http_vulnerable&source=http_vulnerable6&tag=cve-2020-12812%2B&data_set=count&scale=log&auto_update=on
Dashboard Tree Map view:
https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=http_vulnerable&source=http_vulnerable6&tag=cve-2020-12812%2B&data_set=count&scale=log&auto_update=on
Original Fortinet advisory from July 2020: https://www.fortiguard.com/psirt/FG-IR-19-283
