{"id":2762,"date":"2024-10-23T17:05:37","date_gmt":"2024-10-23T16:05:37","guid":{"rendered":"https:\/\/aegislens.com\/home\/?p=2762"},"modified":"2024-10-23T17:05:37","modified_gmt":"2024-10-23T16:05:37","slug":"critical-alert-fortinet-highlights-new-fortimanager-flaw-utilized-in-latest-zero-day-attacks","status":"publish","type":"post","link":"https:\/\/aegislens.com\/home\/critical-alert-fortinet-highlights-new-fortimanager-flaw-utilized-in-latest-zero-day-attacks\/","title":{"rendered":"Critical Alert: Fortinet Highlights New FortiManager Flaw Utilized in Latest Zero-Day Attacks"},"content":{"rendered":"
\n

Fortinet Warns of New Critical FortiManager Flaw Used in Zero-Day Attacks<\/h1>\n

In a statement released today, cybersecurity giant Fortinet has publicly disclosed a critical vulnerability in its FortiManager API system.<\/p>\n

This vulnerability, tracked as CVE-2024-47575, is causing waves in the cybersecurity community as it has been exploited in zero-day attacks to access and exfiltrate sensitive files.<\/p>\n

These include configurations, IP addresses, and credentials for managed devices.<\/p>\n

An Unsettling Discovery<\/h2>\n

Researchers discovered that malevolent actors could manipulate an API endpoint in the FortiManager system, enabling them to bypass security measures and access highly confidential information.<\/p>\n

This constitutes a significant escalation in the level of threats posed by software flaws and raises concerns about data integrity in organizations using Fortinet’s solutions.<\/p>\n

A Critical Classification<\/h2>\n

The Common Vulnerability Scoring System (CVSS), an industry standard for assessing the severity of computer system security vulnerabilities, has assigned the CVE-2024-47575 an alarming 9.4 out of 10 \u2014 an explicit indication of its critical severity.<\/p>\n

The Response<\/h2>\n

Fortinet acted promptly to mitigate the issue.<\/p>\n

The software patch released to address this flaw (FortiManager version 7.0.1), inhibits any unauthorized individual’s ability to access the data.<\/p>\n

Fortinet advises users running older versions of the software to update immediately to the latest patched versions to safeguard their systems.<\/p>\n

Advice for Prevention<\/h2>\n

While Fortinet took a significant first step in releasing the patch, cybersecurity professionals advise further steps for maximum security.<\/p>\n

The timely application of updates and patches, coupled with enhancing endpoint security, and strict control of user permissions, can vastly reduce the risk of future exploitation.<\/p>\n

Historical Relevance<\/h2>\n

This is not the first time Fortinet has been targeted.<\/p>\n

Similar zero-day attacks took place last year involving the FortiGate SSL VPN product.<\/p>\n

Proactive actions, such as routine audits of system permissions, continuous monitoring, and swift incident response played a critical role in preventing widespread damage.<\/p>\n

Follow-Up Reading<\/h3>\n