Summary: A zero-day vulnerability in FortiGate firewalls is actively being exploited by hackers, prompting urgent action from the federal government and cybersecurity firms. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies patch this vulnerability by January 21, highlighting its critical nature. Additionally, concerns have been raised about an older vulnerability that has recently led to the leak of configurations for thousands of FortiGate devices.
Threat Actor: APT group
Victim: Organizations using FortiGate firewalls | FortiGate firewalls
Key points:
- Fortinet confirmed that the zero-day vulnerability, tracked as CVE-2024-55591, is being exploited in the wild.
- Cybersecurity experts noted that the targeting of organizations appears opportunistic rather than methodical.
- Recent leaks of configurations for 15,000 FortiGate firewalls have raised concerns about the impact of older vulnerabilities.
- Microsoft’s recent Patch Tuesday revealed multiple vulnerabilities, including eight zero-days, that require immediate attention from IT workers.
- Potential impacts of the vulnerabilities include unauthorized access to virtual machines and sensitive data theft.
Source: https://therecord.media/cisa-warns-fortinet-bugs-microsoft-patch-tuesday