<ul><li>Cybersecurity researchers have disclosed a critical FortiManager API vulnerability, CVE-2024-47575, that has been exploited in zero-day attacks.</li><li>The vulnerability allows attackers to execute arbitrary code or commands and steal sensitive files containing configurations, IP addresses, and credentials.</li><li>A new threat actor, UNC5820, has been linked to the exploitation of this vulnerability.</li><li>To detect exploitation attempts, organizations can use the SOC Prime Platform or the dedicated Sigma rule.</li></ul>

CVE-2024-47575 Detection: FortiManager API Vulnerability Exploited in Zero-Day Attacks

Discover more