Security News > 2024 > February > New Fortinet RCE bug is actively exploited, CISA confirms
CISA confirmed today that attackers are actively exploiting a critical remote code execution bug patched by Fortinet on Thursday.
CISA's announcement comes one day after Fortinet published a security advisory saying the flaw was "Potentially being exploited in the wild."
While the company has yet to share more details regarding potential CVE-2022-48618, CISA has added the vulnerability to its Known Exploited Vulnerabilities Catalog, warning that such bugs are "Frequent attack vectors for malicious cyber actors" posing "Significant risks to the federal enterprise."
New Fortinet RCE flaw in SSL VPN likely exploited in attacks.
CISA: Critical Ivanti auth bypass bug now actively exploited.
CISA warns of patched iPhone kernel bug now exploited in attacks.
News URL
Related news
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2022-48618 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apple products The issue was addressed with improved checks. | 7.0 |