Vulnerability Management, Network Security, Threat Intelligence

Vulnerable Fortinet, SonicWall devices proliferate online

Share
Fortinet disclosed four critical vulnerabilities this week, including one RCE bug “potentially being exploited in the wild.” (Credit: Casimiro – stock.adobe.com)

Actively exploited Fortinet and SonicWall vulnerabilities impact nearly 1 million internet-exposed devices, The Cyber Express reports.

While 427,000 Fortinet devices running on FortiOS, FortiProxy, FortiSwitchManager, and FortiPAM iterations impacted by the critical CVE-2024-23113 flaw, another 62,000 FortiManager instances remain susceptible to attacks leveraging the CVE-2024-47575 bug, also known as FortiJump, according to a report from Cyble. On the other hand, SonicWall had over 486,000 online devices vulnerable to the critical improper access control issue, tracked as CVE-2024-40766. Additional findings revealed ongoing ransomware and cryptomining attacks against more than 50% of almost 33,000 CyberPanel instances affected by the maximum severity flaws, tracked as CVE-2024-51567 and CVE-2024-51568. Open-source analytics platform and the XFlight FTP Server also had critical flaws that have been actively exploited, the report showed. Another Cyble report showed intrusions against vulnerable instances of the GutenKit and LiteSpeed plugins for WordPress, as well as persistent targeting of the Treck TCP/IP flaw and other issues in IoT devices.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.