Attackers hit more networking gear, this time a critical Fortinet CVE
- Threat actors are actively exploiting a critical remote code execution vulnerability in Fortinet’s FortiOS operating system, the Cybersecurity and Infrastructure Security agency said Friday.
- CISA added the out-of-bound write vulnerability, CVE-2024-21762, to its known exploited vulnerabilities catalog one day after Fortinet issued a patch and workaround for the CVE in a Thursday security advisory. The vulnerability, which unauthenticated attackers can exploit to execute arbitrary code or commands, has a CVSS score of 9.8 out of 10.
- Fortinet advised customers to upgrade or migrate to patched versions of FortiOS and the FortiProxy secure web gateway. Customers using these devices can also disable SSL VPN as a workaround, according to Fortinet.
Dive Insight:
The advisory and active exploitation of Fortinet appliances comes as federal cyber authorities and intelligence officials last week warned about active intrusions and ongoing malicious activity targeting networking infrastructure in critical infrastructure providers in the U.S.
China state-linked actors, including Volt Typhoon and others, are using living-off-the-land techniques to mask their activities and embed into networking equipment. Some established footholds date back to 2019.
To read the complete article, visit Cybersecurity Dive.
Tags: Applications Critical Infrastructure Cybersecurity DHS Enterprise Federal Government/Military Incident Command/Situational Awareness Interoperability News Policy Public Safety Security Software State & Local Government System Design System Installation System Operation Tracking, Monitoring & Control Wireless Networks Partner content