Fortinet Vulnerability Being Actively Exploited

share
Header image

Fortinet Vulnerability Being Actively Exploited

share

The vulnerability may allow a remote attacker to gain super-admin privileges via crafted requests.

Fortinet has said that an authentication bypass vulnerability affecting FortiOS and FortiProxy is being exploited in the wild.

Tracked as CVE-2024-55591, the vulnerability may allow a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module, Fortinet said in an update.

Security researchers have warned that hackers have been mass-exploiting the vulnerability as a zero-day since December, according to TechCrunch.
Written by
Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Vulnerabilities and Flaws Published: 15 January Written by
Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Related content

Microsoft Delivers Largest Patch Release in Years

Microsoft Delivers Largest Patch Release in Years

 AWS Creds Stolen by Codefinger in Extortion Attacks

AWS Creds Stolen by Codefinger in Extortion Attacks

 Major Controller Flaw Exploited in the Wild

Major Controller Flaw Exploited in the Wild
Ivanti: Patches Available for Vulnerabiltiies

Ivanti: Patches Available for Vulnerabiltiies

 CISA Cyber Hygiene Enrolment Increases

CISA Cyber Hygiene Enrolment Increases

 Major Cyber-Attack Hits Slovakian Land Registry

Major Cyber-Attack Hits Slovakian Land Registry
Nominet Investigates Intrusion Linked to Ivanti Vulnerability

Nominet Investigates Intrusion Linked to Ivanti Vulnerability

Upcoming Events

No events found.