Summary: Australian organizations using Fortinet products are urged to promptly update their systems following the active exploitation of known vulnerabilities in Fortinet devices. The Australian Cyber Security Centre (ASDβs ACSC) has warned that attackers can maintain unauthorized access even after patches have been applied due to a new technique. This situation underscores the importance of immediate action and robust cybersecurity practices to defend against threats.
Affected: Australian organizations using Fortinet devices
Keypoints :
- Fortinet devices are facing exploitation of three known vulnerabilities, including issues in the SSL VPN component.
- Attackers can retain access even after vulnerabilities are patched through stealthy techniques like symbolic links.
- Immediate actions recommended include upgrading to secure FortiOS versions and reviewing configurations for signs of compromise.
Source: https://thecyberexpress.com/fortinet-urges-australia-to-patch-now/