Kevin Beaumont on Nostr: ⚠️ CVE-2024-55591 in FortiOS (Fortigate firewall) is under exploitation by a ...
⚠️ CVE-2024-55591 in FortiOS (Fortigate firewall) is under exploitation by a ransomware operator, they have a copy of an exploit and are using it for initial access and handing off for lateral movement.
https://fortiguard.fortinet.com/psirt/FG-IR-24-535
Impacts Fortigate 7.0.0 through 7.0.16, you need to upgrade if on those versions and check logs for prior exploitation - threat actor had it as a zero day for over a month, I imagine vendor in IR space will drop writeup soon.
https://fortiguard.fortinet.com/psirt/FG-IR-24-535
Impacts Fortigate 7.0.0 through 7.0.16, you need to upgrade if on those versions and check logs for prior exploitation - threat actor had it as a zero day for over a month, I imagine vendor in IR space will drop writeup soon.