0-day Vulnerability Exploited in Fortinet FortiGate Firewalls
/ 1 min read
🦠 Attackers exploit 0-day vulnerability in FortiGate firewalls, gaining super-admin access. Arctic Wolf has reported a campaign targeting Fortinet FortiGate devices, where attackers exploited an undisclosed 0-day vulnerability to create hidden admin accounts and configure SSL VPN connections, allowing for extensive control over the devices. This activity, which began in mid-November 2024, involves the use of automated scanners to identify vulnerable devices and bypass authentication. Organizations are urged to disable public access to firewall management interfaces and monitor for suspicious account activity. The ongoing threat highlights the importance of proactive vulnerability management and collaboration with vendors to mitigate risks associated with unpatched vulnerabilities.
