
Fortinet warns a critical vulnerability in its systems could let attackers breach company networks


  • Fortinet releases advisory urging users to apply available patch
  • Security researchers warn the bug is being exploited en masse
  • CISA added the flaw to its KEV catalog

A zero-day vulnerability in firewalls built by Fortinet is being exploited en masse to breach corporate networks and possibly deploy ransomware, the company has confirmed, with the findings backed up by a number of cybersecurity researchers.

The company recently published a security advisory detailing a critical-severity vulnerability in FortiGate firewalls. Tracked as CVE-2024-55591, this authentication bypass was given a severity score of 9.8. Fortinet said it affects FortiOS versions 7.0.0 through 7.0.16 and FortiProxy versions 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12.

Malicious actors can abuse the bug to gain super-admin privileges, it was said.
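An added example, not part of the original article and not Fortinet tooling: a Python triage of a device inventory against the affected version ranges quoted above. The inventory format, hostnames and function names are constructed for illustration, and a status of `not-listed` only means the version falls outside the ranges this article states.

```python
import re

# Affected ranges as stated in the article for CVE-2024-55591 (inclusive bounds).
AFFECTED = {
    "FortiOS": [((7, 0, 0), (7, 0, 16))],
    "FortiProxy": [((7, 0, 0), (7, 0, 19)), ((7, 2, 0), (7, 2, 12))],
}
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract the first major.minor.patch triple as ints; None if absent."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def triage(product, version_text):
    """Return 'affected', 'not-listed' or 'unknown' for one device."""
    ranges = AFFECTED.get(product)
    version = parse_version(version_text)
    if ranges is None or version is None:
        return "unknown"  # never silently treat an unparsable row as safe
    # Integer tuples compare numerically: (7, 0, 9) < (7, 0, 16), whereas the
    # strings "7.0.9" > "7.0.16" would wrongly clear an affected device.
    if any(lo <= version <= hi for lo, hi in ranges):
        return "affected"
    return "not-listed"

def triage_inventory(csv_text):
    """Map hostname -> status for 'hostname,product,version' lines."""
    results = {}
    for line in csv_text.strip().splitlines():
        fields = [f.strip() for f in line.split(",", 2)]
        if len(fields) != 3:
            results[fields[0]] = "unknown"
            continue
        host, product, version = fields
        results[host] = triage(product, version)
    return results

# Constructed sample inventory (hypothetical hosts and export format).
SAMPLE = """
fw-edge-01,FortiOS,v7.0.14 build0601
fw-edge-02,FortiOS,7.0.17
fw-lab-03,FortiOS,7.0.9
fw-old-04,FortiOS,unknown
proxy-01,FortiProxy,7.2.12
proxy-02,FortiProxy,7.2.13
"""

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE).items():
        print(f"{host}: {status}")
```

Rows reported as `unknown` need a manual version check rather than being assumed unaffected.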

Massive exploitation

In the advisory, Fortinet said the bug was “being exploited in the wild”, and used the opportunity to release a patch.

However, cybersecurity researchers from Arctic Wolf said the bug was already being massively exploited while it was a zero-day (before the patch).

Speaking to TechCrunch, Arctic Wolf’s lead threat intelligence researcher Stefan Hostetler said that the company saw a cluster of intrusions that affected Fortinet devices “in the tens”, but added that it likely “only represents a limited sample compared to the total actual number” of affected endpoints. Unfortunately, no one was able to confirm even an estimated number of victims.

The researchers also could not attribute the attack to any particular threat actor. However, researcher Kevin Beaumont suggested that at least one of the threat actors is a ransomware operator. “They have a copy of an exploit and are using it for initial access and handing off for lateral movement,” he commented.

Yesterday, the US Cybersecurity and Infrastructure Security Agency (CISA) added four new vulnerabilities to its catalog of exploited flaws, including this FortiGate bug, meaning federal agencies have until February 4, 2025 to apply the patch or stop using FortiGate entirely.
