Intrusions leveraging the critical Fortinet remote code execution flaw, tracked as CVE-2024-23113, continue to threaten 86,602 instances around the world on Sunday months after the vendor issued a fix, which it noted was not a "complete workaround" for the issue, according to CyberScoop.
Asia had the highest number of vulnerable Fortinet instances, followed by North America and Europe, findings from the Shadowserver Foundation revealed. Such a development comes days after the bug was added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the issue by Oct. 30. Active exploitation of the flaw in ransomware attacks remains uncertain but another Fortinet vulnerability had been disclosed by the Dutch Military Intelligence and Security Service to have been leveraged in a Chinese cyberespionage operation earlier this year that was initially underestimated in its severity.
