Fortinet's FortiOS Flaw Exploited by Threat Actors, Resulting in Data Loss

GAGANDEEP SINGH

15-March-2023

Anonymous threat actors utilized a zero-day vulnerability to exploit a bug in the FortiOS.

Fortinet's OS is a network security OS used by enterprises. It provides advanced threat protection & more.

The flaw that let the attackers target government & big organizations ultimately led to data loss & more.

A report published by the security firm revealed CVE-2022-41328, the flaw used to dismantle multiple FortiGate firewall.

The exploit was found after Fortinet’s compromised device shut down, and the system entered error mode.

As it happened as the FIPS-enabled device confirms system component integrity and is built to shut down.

Attacks were highly targeted, with proof of it favoring the government & government-related targets.

The users are advised to upgrade to the patched version to block possible attack attempts.

Read the full story here.