Security News > 2025 > April > Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks

Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks

2025-04-11 16:08

Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was patched. [...]

News URL

https://www.bleepingcomputer.com/news/security/fortinet-hackers-retain-access-to-patched-fortigate-vpns-using-symlinks/

#fortinet #hacker #VPN

Related news

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (source)
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware (source)
Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs (source)
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics (source)
Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.