Cybercriminals Exploit Fortinet Firewall Flaw in Zero-Day Attack

By MBN Staff - Wed, 01/15/2025 - 13:30

A recently identified critical vulnerability in Fortinet's FortiGate firewalls, tracked as CVE-2024-55591, is being actively exploited by cybercriminals to infiltrate enterprise networks. Fortinet confirms that the flaw has been exploited in mass attacks since December, before the issue was identified and fixed.

"The evidence points to an effort to exploit a large number of devices in a narrow timeframe," says Stefan Hostetler, Principal Threat Intelligence Researcher, Arctic Wolf, to TechCrunch. Arctic Wolf has documented intrusions on "dozens" of affected devices, although it acknowledges that this represents a limited sample of the actual impact.

The Fortinet exploit is the latest example of malicious actors exploiting vulnerabilities in widely used security products. In parallel, a vulnerability in Ivanti's VPN servers is being exploited in a similar manner. These threats, according to FortiGuard, underscore the importance of mitigating security flaws in critical access devices. Exploitation of the CVE-2024-55591 bug began before Fortinet was aware of it, which classifies it as a zero-day attack.

According to Arctic Wolf, there are patterns linking ransomware actors such as Akira and Fog to the exploitation methods employed. Fortinet has deployed patches and is in active communication with its customers to mitigate risks.

The US Cybersecurity and Infrastructure Agency (CISA) urges users of affected devices to update their systems immediately. Fortinet has not provided exact figures on the number of compromised customers. Company spokeswoman Tiffany Curci tells TechCrunch that proactive measures are being taken to protect users, although no additional details were offered on the extent of the attacks.

In September, Fortinet had already faced a security incident involving unauthorized access to customer data stored in a third-party cloud. These issues reinforce the need for preventive measures in critical infrastructures, particularly for products designed to protect corporate networks.
