The eSentire’s Threat Research Unit (TRU) confirmed in its recent research that the threat actors are exploiting Fortinet Virtual Private Network (VPN) devices that remain vulnerable to critical authentication bypass vulnerability. The VPNs were being controlled by third-party providers; thus, the company had no direct visibility into the devices.
Fortinet is a security ecosystem, which provides a variety of different products including next-generation firewalls, antivirus, VPNs, and endpoint solutions, among other offerings.
On October 10, 2022, Fortinet issued a public statement in which it disclosed the critical vulnerability (CVE-2022-40684) in the system impacting several of their products including FortiOS, FortiProxy, and FortiSwitchManager.
If the vulnerability is successfully exploited, the hacker could gain access to the Fortinet device. Specifically, devices are often integrated with organization-wide authentication protocols such as Lightweight Directory Access Protocol (LDAP) and Active Directory (AD).
The TRU further said that its team detected and shut down two attacks on its customers – one was a Canadian-based college and the other, was a global investment firm.
Addit
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: