...and it's not over!

watchTowr is "teasing" their next publication on the bad site, going as far as advising owners of exposed FortiManager instances: "Please take it off the Internet *even if it is fully patched*"

The fix for the "FortiJump" vulnerability in Fortinet's FortiManager management platform may thus not have completely resolved the problem. Despite a recent update, evidence shows that the CVE-2024-47575 vulnerability is still exploitable, which potentially exposes 62,000 Internet-connected FortiManager instances according to Cyble threat intelligence.
⬇️
"FortiManager May Still Be Vulnerable Despite ‘FortiJump’ Patch
The FortiJump vulnerability in Fortinet FortiManager may not have been completely fixed by last month's patch. Users are urged to apply mitigations."
👇
https://thecyberexpress.com/fortimanager-vulnerable-fortijump-patch/

#CyberVeille
#CVE_2024_47575
#Fortinet #FortiJump #Fortimanager

@GossiTheDog #FortiJump The gift that keeps on giving. 😂
Don’t worry everybody, #FortiJump is back for Christmas… this time set in space! The patch didn’t fix the variants.

A little late for Halloween but just as scary: Nearly 1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet.
#Cybersecurity #NetworkSecurity #Fortinet #FortiJump #FortiManager #SonicWall #Security #Ransomware #Cyberattacks #ThreatIntelligence #Vulnerabilities

https://thecyberexpress.com/vulnerable-fortinet-sonicwall-devices-exposed/

1 Million Vulnerable Fortinet, SonicWall Devices Exposed

1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet, and WordPress and IoT devices face cyberattacks.

The Cyber Express

A critical #security flaw, #FortiJump, is being actively exploited in FortiManager. This vulnerability can allow remote attackers to execute code or commands without authentication. Fortinet has released workarounds. Read more: https://thehackernews.com/2024/10/fortinet-warns-of-critical.html

#Cybersecurity #Fortinet #Vulnerability #DFIR #Infosec

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Discover critical details on Fortinet's FortiManager vulnerability (CVE-2024-47575) and essential mitigation strategies.

The Hacker News

I think this got lost in the mix - the #FortiJump threat actress wasn’t just exploiting FortiManager.

Both FortiGate (the firewall product) and FortiManager (the central manager product) use FGFM on port 541.

The threat actress had different exploits for both products - the February FortiGate CVE and the new FortiManager CVE.

One recommended mitigation in FortiManager is you lock FGFM to allowed IPs of your FortiGates. If you pop the FortiGate first you can reach the FortiManager by design.

PSIRT | FortiGuard Labs


FortiGuard Labs

Ah, a Fortinet zero day. Luckily, people also supply their own soundtrack with it #fortijump

*düdü düd dü*

FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024

The "FortiJump" flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant.

Security Affairs