Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

Updated on April 11, 2025

Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched.
The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762.
“A threat actor used a known…

Read the rest of the story at Read More

Source: The Hacker News

December 11, 2024 Uncategorized

Ivanti Issues Critical Security Updates ...

July 26, 2024 Uncategorized

CrowdStrike Warns of New Phishing Scam T...

January 10, 2025 Uncategorized

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

Related posts

Ivanti Issues Critical Security Updates ...

CrowdStrike Warns of New Phishing Scam T...

Hands-On Walkthrough: Microsegmentation ...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines