Active Exploitation of FortiOS Zero‑Day Threatening Healthcare and Manufacturing

A previously unknown zero‑day flaw in Fortinet’s FortiOS VPN module is being weaponized in the wild. The vulnerability allows unauthenticated attackers to execute arbitrary code on the firewall’s operating system, giving them full control over the device and any network segments it protects.

Threat actors have linked the exploit to recent ransomware operations that have hit healthcare providers and manufacturing firms, using compromised firewalls as a foothold to deploy payloads. Defenders must prioritize immediate detection of suspicious VPN traffic, apply any emergency patches or mitigations released by Fortinet, and consider network segmentation to limit the blast radius of a potentially compromised firewall.

Categories: Vulnerabilities & Exploits, Malware & Ransomware, Threat Intelligence