Get the latest tech news
FortiGate admins report active exploitation 0-day. Vendor isn’t talking.
Vulnerability allowing remote code execution has been discussed since at least 9 days ago.
Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by sensitive customer organizations. To make matters harder for FortiGate customers, the company’s support portal was returning connection errors at the time this post went live on Ars that prevented people from accessing the site. With no public advisory from Fortinet, the world at large lacks the same kind of important safety information, including the indicators of compromise, how widely exploited the vulnerability is, and what types of malicious activity occur inside infected networks.
Or read this on ArsTechnica/cdn.vox-cdn.com/uploads/chorus_asset/file/25692173/1660560144.jpg)
