Security News > 2025 > January > 48,000+ internet-facing Fortinet firewalls still open to attack
2025-01-22 12:27
Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too many vulnerable devices are still accessible from the Internet and open to attack: over 48,000, according to data from the Shadowserver Foundation. CVE-2024-55591 exploitation On January 10, Artic Wolf Labs researchers outlined an attack campaign targeting FortiGate firewalls with management interfaces exposed on the public internet by exploiting a zero-day vulnerability. It involved attackers scanning … More → The post 48,000+ internet-facing Fortinet firewalls still open to attack appeared first on Help Net Security.
News URL
Related news
- Fortinet warns of new zero-day exploited to hijack firewalls (source)
- Fortinet discloses second firewall auth bypass patched in January (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- Palo Alto firewalls under attack as miscreants chain flaws for root access (source)
- Palo Alto Networks tags new firewall bug as exploited in attacks (source)
- New kids on the ransomware block channel Lockbit to raid Fortinet firewalls (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2024-55591 | Unspecified vulnerability in Fortinet Fortios and Fortiproxy An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module. | 9.8 |