- Jul 27, 2015
- 5,459
Fortinet customers that have not yet patched a critical authentication bypass vulnerability that the vendor disclosed in October in multiple versions of its FortiOS, FortiProxy, and FortiSwitch Manager technologies now have an additional reason to do so quickly.
At least one threat actor, operating on a Russian Dark Web forum, has begun selling access to multiple networks compromised via the vulnerability (CVE-2022-40684), and more could follow suit soon. Researchers from Cyble who spotted the threat activity described the victim organizations as likely using unpatched and outdated versions of FortiOS.
Cyble said a scan it conducted showed more than 100,000 Internet-exposed FortiGate firewalls, a substantial number of which are likely exploitable because they remain unpatched against the vulnerability
Cyberattackers Selling Access to Networks Compromised via Recent Fortinet Flaw
The vulnerability, disclosed In October, gives an unauthenticated attacker a way to take control of an affected product.
www.darkreading.com