FortiManager
-
Blog
Everything you need to know about the ‘mass exploitation’ of FortiManager appliances
A vulnerability in Fortinet’s network and security management tool, FortiManager, has been under “mass exploitation” for over three months, according to a report from Google’s threat intelligence arm Mandiant. CVE-2024-47575 is a missing authentication flaw affecting critical functions in FortiManager that would allow an attacker to use an unauthorized, compromised device to execute arbitrary code or commands on other FortiManager…
Read More » -
Blog
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. The company privately warned FortiManager customers about the flaw starting October 13th in advanced notification emails seen by BleepingComputer that contained steps to mitigate the flaw until a security update was…
Read More »