Threat actors target govt networks exploiting Fortinet SSL-VPN CVE-2022-42475 bug
13-Jan-23
Researchers from Fortinet described how threat actors attacked targets associated with the government and exploited the recently patched FortiOS SSL-VPN vulnerability (CVE-2022-42475). Resecurity, a cybersecurity firm that guards the Fortune 500 globally, claims that the vulnerability was previously privately peddled by multiple underworld traders on the Dark Web and utilised for focused network invasions.
APAC and South East Asia in particular have been identified as the source of significant network activity. An actively exploited FortiOS SSL-VPN vulnerability, listed as CVE-2022-42475, that may be used by an unauthenticated, remote attacker to execute arbitrary code on devices, was advised to customers by the security firm in December.
