The recently disclosed Fortinet FortiManager flaw, known as FortiJump (CVE-2024-47575), has been exploited in zero-day attacks since June 2024.
Over 50 servers have been impacted by these attacks, according to a report by Mandiant.
The vulnerability is a missing-authentication flaw in FortiManager and FortiManager Cloud versions that allows an attacker to execute arbitrary code or commands through specially crafted requests.
Attackers have automated the exfiltration of files containing IPs, credentials, and configurations of managed devices from FortiManager.