Fortinet has urged its customers to take action because it is worried that many of their devices are still vulnerable to attacks that take advantage of the recently discovered zero-day vulnerability.
At first, Fortinet was only aware of one instance where the CVE-2022-40684 vulnerability had been exploited. However, the security flaw is being increasingly targeted now that technical information and proof-of-concept (PoC) exploits are made publically available. Indicators of compromise (IoCs), which can be used to spot signs of an attack, as well as patches and workarounds for the vulnerability have all been made available by the cybersecurity firm.
According to the company, threat actors have been searching the internet for vulnerable devices, downloading configuration, and installing malicious admin accounts.