Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)

Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that has been exploited as a zero-day by attackers to compromise publicly-exposed FortiGate firewalls. While Fortinet acknowledged in-the-wild exploitation in the accompanying security advisory, they did share any attack-related information except indicators of compromise (IoCs): IP addresses, log entries, created users, and a list of operations performed by the threat actor. Some of those IoCs overlap with those shared … More

The post Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591) appeared first on Help Net Security.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top