Nearly 50,000 Fortinet management interfaces are still exposed to a critical zero-day vulnerability, actively exploited by attackers. The Shadowserver Foundation reports 48,457 vulnerable devices, with Asia experiencing the highest concentration of exposed firewalls. Fortinet urges immediate action to patch systems and implement workarounds.
Fortinet customers are facing a critical security threat as nearly 50,000 management interfaces remain vulnerable to a recently disclosed zero-day exploit . Data from the Shadowserver Foundation reveals that 48,457 Fortinet devices are still publicly exposed and lack the patch for CVE-2024-55591 , despite urgent warnings issued over the past week. This vulnerability, actively exploited by attackers, allows them to steal credentials and gain administrative access to targeted networks.
The number of exposed appliances has slightly decreased since January 16, two days after the CVE identifier was released, when nearly 52,000 instances were vulnerable. Asia is the most affected region, with 20,687 vulnerable firewalls still accessible over the internet, followed by North America with 12,866 and Europe with 7,401. Fortinet has confirmed that attackers are leveraging this vulnerability to compromise systems and move laterally within networks, potentially leading to ransomware attacks.Fortinet urges all customers to immediately apply the latest security updates and implement recommended workarounds. This incident comes amidst another security concern for Fortinet, as the company confirmed the authenticity of data leaks attributed to the Belsen Group. These leaks, comprised of stolen credentials and internal documents, originated from a 2022 zero-day vulnerability exploit. Fortinet assures that devices purchased after December 2022 are unaffected and advises customers to review their security practices and change device credentials if necessary
FORTINET CVE-2024-55591 Zero-Day Exploit Shadowserver Foundation Cybersecurity Threat Ransomware Data Leak Belsen Group
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Fortinet Firewalls Targeted in Mass Exploitation CampaignSecurity researchers have uncovered a significant campaign targeting Fortinet firewalls that may be exploiting an unknown zero-day vulnerability. The attackers gained access to devices, modified configurations, and used SSL VPN tunnels to maintain access and potentially move laterally within victim networks. Fortinet is reportedly investigating the matter.
Read more »
Fortinet Firewall Exploits: Mass Zero-Day Campaign UncoveredSecurity researchers have revealed a large-scale attack campaign targeting Fortinet firewalls, suspected to be leveraging an unpatched zero-day vulnerability. The campaign, peaking in December, involved malicious actors compromising numerous Fortinet devices, altering configurations, and establishing persistent connections through SSL VPN tunnels.
Read more »
Fortinet Confirms 2022 Zero-Day Exploit Leak by Belsen GroupFortinet officially acknowledges leaked FortiGate configurations stolen during a 2022 zero-day attack by the Belsen Group. The leaked data includes sensitive information like IP addresses, configurations, and passwords. While Fortinet emphasizes that most affected devices have been patched, users are urged to review security practices and potential vulnerabilities.
Read more »
Dunelm's Bestselling Mandalay Bedding Set on Offer, Customers Call it 'Most Beautiful Duvet Ever'Shoppers are raving about Dunelm's Mandalay Duvet Cover and Pillowcase Set, calling it the 'most beautiful duvet they've ever owned' and praising its warmth and comfort. The set, featuring a pinsonic textured design and crafted from a soft cotton mix, is available in multiple hues and sizes, starting at £25.60.
Read more »
Nationwide accounts may be blocked after customers lose moneyNationwide has shared some worrying information
Read more »
Recycling Centre Staff Abused by Customers in EssexA Freedom of Information (FOI) request revealed that staff at recycling centres across Essex have been subjected to verbal abuse, threats, and physical altercations from angry customers.
Read more »