Summary: Fortinet has clarified that the newly disclosed CVE-2025-24472 vulnerability, mentioned in their advisory, is not a zero-day because it was fixed earlier in January. Although attacks have been reported, only the CVE-2024-55591 flaw has been actively exploited. Organizations are advised to secure their firewalls and mitigate risks while updates are being applied.
Affected: Fortinet FortiOS and FortiProxy
Keypoints :
- Fortinet fixed CVE-2025-24472 in January, prior to this disclosure.
- Only CVE-2024-55591 has been confirmed as exploited in attacks against Fortinet firewalls.
- Attackers create unauthorized accounts and manipulate firewall settings through these vulnerabilities.
- Fortinet encourages disabling HTTP/HTTPS administrative interfaces or limiting access as an immediate security measure.
- Security firm Arctic Wolf identified a campaign exploiting these vulnerabilities since mid-November.
Views: 37