FortiGate admins report active exploitation 0-day. Vendor isn’t talking.
https://arstechnica.com/security/2024/10/fortinet-stays-mum-on-critical-0-day-reportedly-under-active-exploitation/Open linkView original on sh.itjust.workshttps://arstechnica.com/security/2024/10/fortinet-stays-mum-on-critical-0-day-reportedly-under-active-exploitation/Open linkView original on sh.itjust.works
If everything in the article is correct, then nobody should be using this vendor.
Nevertheless: https://www.crowdstrike.com/en-us/blog/crowdstrike-fortinet-partnership-unifies-endpoint-firewall-protection/
That headline alone almost gave me an aneurism 😂
Dan Goodin is a reliable journalist, but fwiw we’ve had several vulnerabilities from Fortinot that weren’t really well handled, so if you’re still on their crummy devices it’s your own fault.