watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Attack surface management provider watchTowr claims to have found a new zero-day vulnerability in cybersecurity provider Fortinet’s products.

This flaw would allow a managed FortiGate device to elevate privileges and seize control of the FortiManager instance.

This vulnerability, which carries a common vulnerability severity score (CVSS) of 9.8, is actively exploited in the wild, sometimes together with CVE-2024-23113.

It allows threat actors to use a compromised FortiManager device to execute arbitrary code or commands against other FortiManager devices. 

See more: https://www.infosecurity-magazine.com/news/watchtowr-new-vulnerability/

#cybersecurity #fortinet