Security News > 2024 > October > Mandiant says new Fortinet flaw has been exploited since June

Mandiant says new Fortinet flaw has been exploited since June
2024-10-24 05:05

A new Fortinet FortiManager flaw dubbed "FortiJump" and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 servers, according to a new report by Mandiant. [...]


News URL

https://www.bleepingcomputer.com/news/security/mandiant-says-new-fortinet-fortimanager-flaw-has-been-exploited-since-june/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-47575 Missing Authentication for Critical Function vulnerability in Fortinet Fortimanager and Fortimanager Cloud
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.
network
low complexity
fortinet CWE-306
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 77 15 314 277 81 687