New Fortinet Zero-Day Exploited for Months Before Patch
A Fortinet zero-day tracked as CVE-2024-47575 and named FortiJump has been exploited since at least June 2024.
Critical vulnerability in Fortinet’s FortiManager exploited in the wild
Emphasizing its serious nature, the vulnerability has been assigned a Common Vulnerability Scoring System score of 9.8, which is critical on the CVSS scoring system. Fortinet has confirmed that the vulnerability is actively being exploited in the wild.
Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation
Discover critical details on Fortinet's FortiManager vulnerability (CVE-2024-47575) and essential mitigation strategies.
Fortinet Confirms Exploitation of Critical FortiManager Zero-Day Vulnerability
This high-severity flaw, dubbed FortiJump by security researcher Kevin Beaumont, has been added to CISA’s KEV catalog
FortiManager critical vulnerability under active attack
In order to use the flaw, an attacker would need to have a valid Fortinet device certificate, Rob King, director of security research at flaw finding firm runZero explained. But that could be taken from a legitimate box and reused, and would allow the intruder to log into the management software without proper checks.
Critical Fortinet vulnerability finds zero-day RCE exploits
The bug, tracked as CVE-2024-47575, has been assigned a CVSS score of 9.8 out of 10, and is described as a “missing authentication for critical function” vulnerability allowing attackers to execute arbitrary code or commands via specially crafted requests.
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in ...
FortiGate admins report active exploitation 0-day. Vendor isn’t talking.
Some administrators of FortiGate-powered networks report receiving emails from the company notifying them of the available updates and advice to install them. Others say they received no such emails.
Fortinet zero-day attack spree hits at least 50 customers
Active exploits of a critical vulnerability in FortiManager began in late June, Mandiant said. Firewall credentials and ...
Mandiant says new Fortinet flaw has been exploited since June
A new Fortinet FortiManager flaw dubbed "FortiJump" and tracked as CVE-2024-47575 has been exploited since June 2024 in ...
Deep2d
CrowdStrike Partners with Fortinet to Unify Endpoint & Firewall Security
By integrating AI-native endpoint security from the CrowdStrike Falcon® cybersecurity platform and Fortinet’s FortiGate ...
Security3d
CrowdStrike and Fortinet partner to deliver protection from endpoint to firewall
The strategic partnership unifies AI-native endpoint security and next-generation firewall protection to secure organizations ...
CrowdStrike and Fortinet Deliver Industry-Leading Protection from Endpoint to Firewall
CrowdStrike (NASDAQ: CRWD) today announced a strategic partnership with Fortinet to unify best-in-class endpoint and firewall ...