Mandiant and Fortinet have investigated over 50 organizations affected by an active campaign exploiting a critical bug in FortiManager products, beginning as early as June 27.
The bug, identified as CVE-2024-47575, is rated 9.8 in severity because of missing authentication, which lets a remote attacker manage associated devices.
Fortinet has urged organizations using vulnerable versions of FortiManager and related products to implement fixes and monitor their advisory page for updates.
According to Mandiant, the threat actor cluster, tracked as UNC5820, has successfully exfiltrated configuration data and user credentials from multiple FortiGate devices.