Tag: fortimanager

2 Attack Reports | 0 Vulnerabilities

Attack reports

Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)

A new threat cluster, UNC5820, has been observed exploiting a zero-day vulnerability in FortiManager appliances across multiple industries. The vulnerability allows unauthorized execution of arbitrary code or commands on vulnerable devices. The attackers staged and exfiltrated configuration data fr…
vulnerability
zero-day
exploitation
fortigate
CVE-2024-47575
2024-10-24
fortimanager
cyber-espionage
configuration-exfiltration
network-security
Published: October 24, 2024
Linked vulnerabilities : CVE-2024-47575 (CVSS 9.8)
Downloadable IOCs: 4

FortiManager fgfmd vulnerability indicators

A critical vulnerability in FortiManager's fgfmd daemon allows remote unauthenticated attackers to execute arbitrary code or commands via specially crafted requests. This vulnerability, classified as CWE-306 (Missing Authentication for Critical Function), has been exploited in the wild. The attack …
vulnerability
exfiltration
authentication
remote code execution
2024-10-23
CVE-2024-47575
fortimanager
Published: October 23, 2024
Linked vulnerabilities : CVE-2024-47575 (CVSS 9.8)
Downloadable IOCs: 3
Click here to see more Attack Reports