Security News > 2024 > March > Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server software, which is now actively exploited in attacks.
On Thursday, one week after Fortinet released security updates to address the security flaw, security researchers with Horizon3's Attack Team published a technical analysis and shared a proof-of-concept exploit that helps confirm if a system is vulnerable without providing remote code execution capabilities.
Those who want to use Horizon3's exploit code in RCE attacks must modify the PoC to use the Microsoft SQL Server xp cmdshell procedure to spawn a Windows command shell for code execution.
In February, Fortinet patched another critical RCE bug in the FortiOS operating system and FortiProxy secure web proxy, saying it was "Potentially being exploited in the wild."
It's also worth noting that Fortinet security vulnerabilities are frequently used to gain unauthorized access to corporate networks for ransomware attacks and cyber espionage campaigns, often using zero-day exploits.
News URL
Related news
- Old Fortinet flaws under attack with new method its patch didn't prevent (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices (source)
- PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks (source)
- Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (source)
- Active! Mail RCE flaw exploited in attacks on Japanese orgs (source)