Fortinet Warns of Critical FortiManager Vulnerability Exploited in Zero-Day Attacks

by Justin Erickson

Fortinet has disclosed a critical zero-day vulnerability affecting its FortiManager systems, which manage network security across large organizations. The flaw, tracked as CVE-2024-47575, has been actively exploited in targeted attacks. Security researchers identified the zero-day being used by an advanced threat group, UNC5820, to gain unauthorized access to FortiManager systems. Fortinet recommends immediate updates and has released mitigations to help protect affected systems until a full patch is available. Organizations are advised to review their security measures to reduce potential exposure. The flaw is listed as CVE-2024-47575.