FortiGate admins report active exploitation 0-day. Vendor isn’t talking.

by
Dan Goodin
from Ars Technica - All content on (#6RNTC)
Story Image

Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by sensitive customer organizations.

Fortinet representatives didn't respond to emailed questions and have yet to release any sort of public advisory detailing the vulnerability or the specific software that's affected. The lack of transparency is consistent with previous zero-days that have been exploited against Fortinet customers. With no authoritative source for information, customers, reporters, and others have few other avenues for information other than social media posts where the attacks are being discussed.

RCE stands for remote code execution

According to one Reddit post, the vulnerability affects FortiManager, a software tool for managing all traffic and devices on an organization's network. Specific versions vulnerable, the post said, include FortiManager versions:

Read full article

Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments