On January 14, 2025, both Fortinet and the U.S. Cybersecurity Agency (CISA) issued an urgent alert regarding the CVE-2024-55591 vulnerability in FortiGate firewalls, which are currently being successfully attacked according to researchers at Arctic Wolf. The flaw is being actively exploited in FortiOS and FortiProxy systems. The critical flaw allows attackers to take full remote control of affected devices, including super administrator privileges. The vulnerability is rated 9.6 on a scale of 10, and is related to an authentication bypass in the Node.js websocket module.
https://www.cisoadvisor.com.br/alerta-da-fortinet-falha-explorada-em-fortios-e-fortiproxy/ https://www.cisoadvisor.com.br/fortinet-corrige-vulnerabilidade-com-cvss-9-8/
About the vulnerability:
"Fortinet has issued an emergency update to fix the CVE-2024-55591 vulnerability in its FortiGate firewalls, which was successfully exploited"
"The flaw allows attackers to remotely take control of vulnerable devices, including gaining super-administrator privileges"
"Thousands of corporate networks were vulnerable, and attackers began exploiting the vulnerability before it was even discovered and patched, classifying it as a zero-day."
"Arctic Wolf researchers reported that the attacks began in December and documented multiple instances of compromise, although the full extent of the incident is likely larger."
"identified an attack campaign against FortiGate firewalls since November 2024"
"the US Cybersecurity Agency (CISA) has issued an emergency alert"
Fortinet's position:
"This incident highlights the importance of immediately applying security patches..."
"Fortinet reinforces the urgency of the situation and continues to monitor the case while providing additional information to support organizations in mitigating risks"
"It is essential that companies using FortiOS and FortiProxy review their security configurations and proactively monitor their networks."
NetSensor Positioning Note:
It takes much more than that, as vulnerabilities are currently being exploited even before they are disclosed as a "ZeroDay" and have a patch!
NetSensor brings a true paradigm shift to the market. It is not just about a new company, a new manufacturer, innovative technologies and new concepts, it is about "changing the way the world sees cybersecurity!"
Important: NetSensor customers using NetSensor Magic and HackNet were already protected against this vulnerability, even though they had Fortinet firewalls with the vulnerability exposed to the Internet.
Read too:
Comments