Fortinet Firewalls Targeted in Mass Exploitation Campaign
/ 1 min read
🛡️💻 Mass exploitation campaign targets Fortinet firewalls using potential zero-day vulnerability. Security researchers from Arctic Wolf Labs have identified a significant intrusion campaign affecting Fortinet devices, which peaked in December 2024. The attackers are believed to exploit an unpatched zero-day vulnerability, gaining unauthorized access to firewalls with internet-exposed management interfaces. The campaign involved thousands of malicious login attempts and unauthorized configuration changes, including the creation of new admin accounts and SSL VPN access. Although Fortinet has been notified and is investigating, no specific vulnerability has been confirmed or patched. The attackers’ ultimate intentions remain unclear, but the potential for ransomware attacks has not been ruled out.
