Fortinet: APTs Using FortiOS Vulnerabilities to Gain Access to Critical Infrastructures


Fortinet has issued a warning to organizations about the use of two known FortiOS vulnerabilities by APTs associated with China and other nations in attacks targeting a variety of industries, including critical infrastructure. CVE-2022-42475 is one of the exploited vulnerabilities.

Fortinet patched it in December 2022 after alerting users to the possibility of in-the-wild exploitation. The vulnerability was used as a zero-day attack vector by Chinese threat actors against government and other kinds of organizations.

CVE-2023-27997, the second vulnerability mentioned in Fortinet’s latest alert, was discovered in June 2023 after the cybersecurity company notified clients that it had been used as a zero-day in a few restricted attacks.

Read More: Fortinet: APTs Exploiting FortiOS Vulnerabilities in Critical Infrastructure Attacks

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.