{"vulnerability": "cve-2024-47575", "sightings": [{"uuid": "2c6a09d6-288d-4fdf-a567-1e471bd93d7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-24T07:23:35.722806Z"}, {"uuid": "997b0434-1cf7-4804-b2dd-06c05af90785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": null, "content": "", "creation_timestamp": "2024-10-24T07:23:56.253649Z"}, {"uuid": "a48b28db-d4c7-4772-8516-5ae7e3424e43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "confirmed", "source": null, "content": "", "creation_timestamp": "2024-10-24T07:24:00.179030Z"}, {"uuid": "0ffa099a-f377-4bd8-98cf-64ba607aaca5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": null, "content": "", "creation_timestamp": "2024-10-24T08:10:35.492175Z"}, {"uuid": "83aa9361-f4af-48d1-a2fc-32ce0d31330a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "", "content": "", "creation_timestamp": "2024-11-05T13:45:11.591938Z"}, {"uuid": "d2a3c7a4-ac23-4dbc-b39b-b7d697168895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0423", "content": "", "creation_timestamp": "2024-10-24T07:27:38.000000Z"}, {"uuid": "08efbbad-3725-4c2c-bab0-6d3ad0ce5c7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-47575", "type": "seen", "source": "https://infosec.exchange/users/patchnow24x7/statuses/113445973376795331", "content": "", "creation_timestamp": "2024-11-08T06:42:59.075572Z"}, {"uuid": "0e222aa2-5571-45e3-8f91-0ce73ee4299a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-10-23T18:10:02.000000Z"}, {"uuid": "e519edaa-e202-47e1-a658-bb30503d8c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/4fe85264-fb26-494e-8eb7-da101e19e291", "content": "", "creation_timestamp": "2024-10-24T07:26:42.000000Z"}, {"uuid": "58a69f13-2c3f-4248-84f8-7ad5e6024bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/0b67d8ae-d352-4594-ba0a-ecb93693fa91", "content": "", "creation_timestamp": "2024-10-24T08:36:52.000000Z"}, {"uuid": "87460230-30e8-4544-a495-ac8d246b21c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-47575", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/113477656881433124", "content": "", "creation_timestamp": "2024-11-13T21:00:32.697723Z"}, {"uuid": "2007c17e-fda5-4b61-b9ab-9e4ded20d131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-47575", "type": "seen", "source": "https://infosec.exchange/users/alexandreborges/statuses/113478529352841373", "content": "", "creation_timestamp": "2024-11-14T00:42:23.918020Z"}, {"uuid": "d830353f-80b9-421d-9d1f-fae18e216fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113482323234195101", "content": "", "creation_timestamp": "2024-11-14T16:47:13.266164Z"}, {"uuid": "0529ef61-215b-4f91-9da0-05f763f162f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-47575", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/113483673211675864", "content": "", "creation_timestamp": "2024-11-14T22:30:43.940861Z"}, {"uuid": "8359520d-c0a9-42a9-babb-a4a878c3938b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-47575", "type": "seen", "source": "https://chaos.social/users/HonkHase/statuses/113492318503579152", "content": "", "creation_timestamp": "2024-11-16T11:56:29.729819Z"}, {"uuid": "e8edfa81-e08b-4008-8469-9ffe7fb2da1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3ldrllwvk7s2n", "content": "", "creation_timestamp": "2024-12-20T23:56:06.450820Z"}, {"uuid": "24bb100c-b10c-4320-a5a1-2248a80c98cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113828003758066396", "content": "", "creation_timestamp": "2025-01-14T17:58:19.596456Z"}, {"uuid": "f256f7a7-3211-4aa5-b8d8-c847f9066d43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/", "content": "", "creation_timestamp": "2025-01-15T07:23:10.284856Z"}, {"uuid": "f0f132ca-4f02-4111-90f4-a28fcbc462b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "e5b53261-eb56-4b27-83ea-076e5eab727a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lkrdxvogpt22", "content": "", "creation_timestamp": "2025-03-19T23:35:58.906707Z"}, {"uuid": "93bc381b-a2b2-492b-93f8-0daf03cf9813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3lkrdxzj5sv24", "content": "", "creation_timestamp": "2025-03-19T23:36:02.835716Z"}, {"uuid": "6c57b234-0c0b-4090-b293-cc9ecfab6aeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:04.000000Z"}, {"uuid": "8434359e-1813-439c-9626-176e244ad8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:00.000000Z"}, {"uuid": "d972400a-70a9-4fe2-9938-80fce0ca7d28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "144db571-2c77-4ed8-b674-fa3ac38bda3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-47575", "type": "seen", "source": "https://www.cert.at/de/warnungen/2024/10/kritische-zero-day-schwachstelle-in-fortimanager-wird-aktiv-ausgenutzt-update-verfugbar", "content": "", "creation_timestamp": "2024-10-24T07:11:27.000000Z"}, {"uuid": "26673750-24c6-4a25-9c3d-b07766b9b59f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/fortimanager_rce_cve_2024_47575.rb", "content": "", "creation_timestamp": "2024-12-03T02:39:10.000000Z"}, {"uuid": "83df4b48-b961-4a3f-866e-30940a5ddd01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "MISP/dd71e3c5-20f7-409a-8bcc-8df3cd8022a7", "content": "", "creation_timestamp": "2025-09-03T13:30:06.000000Z"}, {"uuid": "35e92a9c-5491-4730-a9c5-5a11ad49dc97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://vulnerability.circl.lu/comment/55eb3309-c5c3-4f89-bdbd-e3ffa97ab779", "content": "", "creation_timestamp": "2024-10-24T08:04:32.724240Z"}, {"uuid": "03d3013b-c2e2-46b2-915e-783abacc2def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://vulnerability.circl.lu/comment/9baa9351-dc32-4f7d-b01d-eeb3a51e50be", "content": "", "creation_timestamp": "2024-10-25T07:11:40.672278Z"}, {"uuid": "df043938-729f-4829-a970-fb96f260f779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://vulnerability.circl.lu/comment/e147bc02-1352-4685-8d0a-692e2fe98072", "content": "", "creation_timestamp": "2024-10-25T07:18:54.820316Z"}, {"uuid": "d8c8b5dd-de2f-4554-9b87-99109e45b476", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://vulnerability.circl.lu/comment/fc8919b9-2200-4953-9752-83a8d586e76e", "content": "", "creation_timestamp": "2024-11-05T13:43:12.294048Z"}, {"uuid": "fcb68d28-6bc4-4411-b25f-58cfb20c8010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://vulnerability.circl.lu/comment/9579afd1-e7a6-4754-8574-5acaed28e11d", "content": "", "creation_timestamp": "2024-11-14T08:13:33.806989Z"}, {"uuid": "c3ed0f5c-4c62-4534-8680-f9450ae71ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/11268897-8798-4ec2-bcac-b23fe0715823", "content": "", "creation_timestamp": "2025-03-11T20:37:58.600981Z"}, {"uuid": "5c5d880e-1daa-4ded-940d-e01986abf253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_25/2024", "content": "", "creation_timestamp": "2024-10-23T16:28:14.000000Z"}, {"uuid": "d5cee55f-ced0-4aff-959e-70573ec0a38c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1405", "content": "", "creation_timestamp": "2024-10-24T04:00:00.000000Z"}, {"uuid": "b96b8f23-0632-4451-8738-cf1cf0634df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ad025cf1-0a97-4d4c-8f90-53a16064d812", "content": "", "creation_timestamp": "2026-02-02T12:26:25.541692Z"}, {"uuid": "e0ff4cc9-3419-4500-b834-f6fd685a6c05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mir4r4g6gm2f", "content": "", "creation_timestamp": "2026-04-05T16:02:43.947780Z"}, {"uuid": "933940d2-d7b8-4f6d-90a5-4db6d4c7a308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/cKure/13803", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 Mandiant tracking wild exploitation of CVE-2024-47575 (FortiManager) wild exploitation due to missing authentication on 'fgfmd' daemon ( dubbed FortiJump).\n\nhttps://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575", "creation_timestamp": "2024-10-28T00:05:25.000000Z"}, {"uuid": "d87c4361-5131-4eb9-a535-8312eef7b109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/BleepingComputer/20901", "content": "\u200aMandiant says new Fortinet flaw has been exploited since June\n\nA new Fortinet FortiManager flaw dubbed \"FortiJump\" and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 servers, according to a new report by Mandiant. [...]\n\nhttps://www.bleepingcomputer.com/news/security/mandiant-says-new-fortinet-fortimanager-flaw-has-been-exploited-since-june/", "creation_timestamp": "2024-10-25T16:57:45.000000Z"}, {"uuid": "872b64e5-c1c2-4c0b-8fb7-2bc1dcdc5f23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "Telegram/Si59L7B2mOOUAr8_144HFqGZOWLjbuFEGSaFRpGyejiLY0E", "content": "", "creation_timestamp": "2025-07-20T03:00:05.000000Z"}, {"uuid": "34611cb2-923e-4221-b8fc-b3f8c918b62a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8868", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575: Critical Remote Code Execution (RCE) Vulnerability in VMware Horizon\nURL\uff1ahttps://github.com/groshi/CVE-2024-47575-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-28T17:38:16.000000Z"}, {"uuid": "bdecaa17-05e3-4e14-bf97-a9bf63b58d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9124", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575\u662fFortinet\u7684FortiManager\u548cFortiManager Cloud\u4ea7\u54c1\u4e2d\u7684\u4e00\u4e2a\u4e25\u91cd\u6f0f\u6d1e\uff0c\u6e90\u4e8efgfmsd\u5b88\u62a4\u8fdb\u7a0b\u7f3a\u4e4f\u5bf9\u5173\u952e\u529f\u80fd\u7684\u8eab\u4efd\u9a8c\u8bc1\u3002\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-47575-poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-22T03:14:52.000000Z"}, {"uuid": "b72f740f-6a6c-4b8f-962a-512bfc4d1191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8882", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575 POC\nURL\uff1ahttps://github.com/zgimszhd61/CVE-2024-47575-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-29T15:51:10.000000Z"}, {"uuid": "40ab8f65-825f-473c-a0ec-c2ddf9195b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8916", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575: FortiManager Missing Authentication\nURL\uff1ahttps://github.com/Fruktolzzz/CVE-2024-47575\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-01T13:10:19.000000Z"}, {"uuid": "6578d1a0-e1f8-455a-ae24-701f27af1de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8935", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575: FortiManager Missing Authentication\nURL\uff1ahttps://github.com/LayNMR/CVE-2024-47575\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-02T19:22:42.000000Z"}, {"uuid": "187b9f3d-69d9-4bbf-a12f-b8c948650730", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8931", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575: FortiManager Missing Authentication\nURL\uff1ahttps://github.com/groshi324/CVE-2024-47575\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-02T18:53:35.000000Z"}, {"uuid": "ff60905c-80eb-4722-8701-d6c5cca32611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8936", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a CVE-2024-47575: FortiManager Missing Authentication\nURL\uff1ahttps://github.com/DaresNone/CVE-2024-47575\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-02T19:31:04.000000Z"}, {"uuid": "169bd8e9-59ef-4970-8220-b358fd382ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9034", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aFortimanager Unauthenticated Remote Code Execution AKA fortijump CVE-2024-47575\nURL\uff1ahttps://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-14T16:25:30.000000Z"}, {"uuid": "3965318c-37ee-4123-83f3-989b08c943eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://t.me/GithubRedTeam/9033", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aFortimanager Unauthenticated Remote Code Execution AKA fortijump CVE-2024-47575\nURL\uff1ahttps://github.com/kac89/CVE-2024-7124\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-14T16:12:27.000000Z"}, {"uuid": "a1f7e8f5-d440-46b8-a7ab-af103c39cc49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/cKure/13802", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 FortiManager Devices Mass Compromise Exploiting CVE-2024-47575 Vulnerability.\n\nhttps://cybersecuritynews.com/fortimanager-devices-mass-compromise/", "creation_timestamp": "2024-10-28T00:00:27.000000Z"}, {"uuid": "90341045-f220-4bfd-8227-d03783902d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/BleepingComputer/20896", "content": "\u200aFortinet warns of new critical FortiManager flaw used in zero-day attacks\n\nFortinet publicly disclosed today a critical\u00a0FortiManager API vulnerability, tracked as CVE-2024-47575,\u00a0that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. [...]\n\nhttps://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-critical-fortimanager-flaw-used-in-zero-day-attacks/", "creation_timestamp": "2024-10-23T16:01:18.000000Z"}, {"uuid": "d89ad265-13a7-47db-bfe1-d7800ab94cf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://t.me/itsec_news/5763", "content": "\u200b\u26a1\ufe0fSet_password, \u0438 \u0432\u0443\u0430\u043b\u044f: FortiSwitch \u0441\u0430\u043c \u043e\u0442\u0434\u0430\u0451\u0442 \u043a\u043b\u044e\u0447\u0438\n\n\ud83d\udcac Fortinet \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 FortiSwitch, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u043c \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 FortiSwitch \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-48887 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8).\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u0438 \u0441\u043c\u0435\u043d\u0435 \u043f\u0430\u0440\u043e\u043b\u044f \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 FortiSwitch. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 endpoint set_password \u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0410\u0442\u0430\u043a\u0430 \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0451 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u2014 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432 \u043b\u044e\u0431\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u0433\u0434\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u043e\u0442\u043a\u0440\u044b\u0442.\n\n\u041f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432\u0435\u0440\u0441\u0438\u0438 FortiSwitch \u043e\u0442 6.4.0 \u0434\u043e 7.6.0. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0436\u0435 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 6.4.15, 7.0.11, 7.2.9, 7.4.5 \u0438 7.6.1. \u0422\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, Fortinet \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u2014 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c HTTP \u0438 HTTPS-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0441 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432.\n\n\u0422\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OS command injection \u0432 FortiIsolator (CVE-2024-54024) \u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 MitM-\u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice \u0438 FortiWeb (CVE-2024-26013 \u0438 CVE-2024-50565). \u0412\u0441\u0435 \u043e\u043d\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0431\u0435\u0437 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438.\n\nFortinet \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0446\u0435\u043b\u044c\u044e \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f. \u0412 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438 \u043d\u0430\u0431\u043e\u0440 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 DeepData \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 Zero-Day \u0432 Windows-\u043a\u043b\u0438\u0435\u043d\u0442\u0435 FortiClient VPN. \u0415\u0449\u0451 \u043e\u0434\u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u0430 \u2014 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0441 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-47575, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u043c\u044f FortiJump , \u2014 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0431\u043e\u043b\u0435\u0435 50 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 FortiManager.\n\n\u0421 \u043d\u0430\u0447\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u2014 CVE-2024-55591 \u0438 CVE-2025-24472 \u2014 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439. \u0412\u0441\u0435 \u044d\u0442\u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Fortinet \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0444\u043e\u043a\u0443\u0441\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0445\u043e\u0434\u044f\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nFortinet \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0440\u043e\u0441\u0442\u0430 \u0447\u0438\u0441\u043b\u0430 \u0430\u0442\u0430\u043a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-11T05:28:39.000000Z"}, {"uuid": "c6e5c00a-7ec4-4f9e-8c23-7fa47a58053a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8933", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575: FortiManager Missing Authentication\nURL\uff1ahttps://github.com/VIRKiss/CVE-2024-47575\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-02T19:10:12.000000Z"}, {"uuid": "d2bde032-7b9d-46ec-8e2a-685d7a4fb627", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/kasperskyb2b/1476", "content": "\ud83c\udf83 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83c\udfea\u041d\u0435\u0434\u0435\u043b\u044f \u0431\u044b\u043b\u0430 \u0431\u043e\u0433\u0430\u0442\u0430 \u043d\u0430 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u043e Lazarus. \u042d\u0442\u043e\u0442 APT-\u0430\u043a\u0442\u043e\u0440, \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e \u043b\u044e\u0431\u044f\u0449\u0438\u0439 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u0443:\n\ud83c\udd97 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0443\u044e MOBA-\u0438\u0433\u0440\u0443, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043c\u0430\u043d\u0438\u0432\u0430\u0442\u044c \u043a\u0440\u0438\u043f\u0442\u043e\u0438\u043d\u0432\u0435\u0441\u0442\u043e\u0440\u043e\u0432 \u043d\u0430 \u0435\u0451 \u0441\u0430\u0439\u0442 \u0438 \u0437\u0430\u0440\u0430\u0436\u0430\u0442\u044c \u0412\u041f\u041e, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u0432 Chrome. \u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0438\u0433\u0440\u044b \u0432\u0435\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u0440\u0435\u043a\u043b\u0430\u043c\u0430 \u0432 \u0441\u043e\u0446\u043c\u0435\u0434\u0438\u0430;\n\ud83c\udd97 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 npm-\u043f\u0430\u043a\u0435\u0442 NFT_marketplace, \u0437\u0430\u0440\u0430\u0436\u0430\u044e\u0449\u0438\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c BeaverTail;\n\ud83c\udd97 \u0437\u0430\u043c\u0430\u043d\u0438\u0432\u0430\u043b\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u043e \u0440\u0430\u0431\u043e\u0442\u0435 \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445, \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \"\u0441\u043e\u0431\u0435\u0441\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\" \u043f\u043e\u0431\u0443\u0436\u0434\u0430\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0412\u041f\u041e \u043d\u0430 Python.\n\n\u2757\ufe0f \u041e\u0431\u0437\u043e\u0440 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u0432: Kral, Amos, Vidar.\n\n\u2757\ufe0f \u0426\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0430\u0440\u043c\u044f\u043d\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0436\u0435\u0440\u0442\u0432 \u043f\u043e\u0431\u0443\u0436\u0434\u0430\u044e\u0442 \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0432\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0432 PowerShell \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0449\u0438\u0439 PDQ RMM. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u0443\u044e\u0442 \u0430\u0442\u0430\u043a\u0443 APT MuddyWater.\n\n\u2757\ufe0f\u0420\u0430\u0437\u0431\u043e\u0440 \u0441\u0432\u0435\u0436\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0431\u0430\u043d\u043a\u0435\u0440\u0430 Grandoreiro, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0440\u0430\u0436\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 1700 \u0431\u0430\u043d\u043a\u043e\u0432 \u0432 45 \u0441\u0442\u0440\u0430\u043d\u0430\u0445. \u0423\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043d\u043e \u044d\u0442\u043e Windows \u0412\u041f\u041e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0432\u0435\u0442\u0430\u0442\u044c, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0440\u043e\u0441\u0442 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u0431\u0430\u043d\u043a\u0438\u043d\u0433\u0430 \u0432\u043e \u0432\u0441\u0451\u043c \u043c\u0438\u0440\u0435.\n\n\u2757\ufe0f\u041d\u043e\u0432\u044b\u0435 \u0434\u0435\u044f\u0442\u0435\u043b\u0438 \u043d\u0430 \u0430\u0440\u0435\u043d\u0435 ransomware: Embargo. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0412\u041f\u041e \u043d\u0430 Rust \u0438 \u0433\u043b\u0443\u0448\u0430\u0442 EDR \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 MS4Killer.\n\n\u2757\ufe0f\u0410 \u0430\u0432\u0442\u043e\u0440\u044b Akira ransomware \u0440\u0430\u0437\u043e\u0447\u0430\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0441\u0432\u043e\u0435\u0439 v2 \u043d\u0430 Rust  \u0438 \u0432\u0435\u0440\u043d\u0443\u043b\u0438\u0441\u044c \u043a \u0441\u0442\u0430\u0440\u043e\u0439 \u0441\u0445\u0435\u043c\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 C++.\n\n\u2757\ufe0f\u041d\u043e\u0432\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0443\u0445\u043e\u0434\u0430 \u043e\u0442 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 Quilin/Agenda RaaS. \n\n\u2757\ufe0f\u0421\u0435\u0440\u0432\u0435\u0440\u044b Docker \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u0432\u044b\u043c \u0431\u043e\u0442\u043e\u043c SRBminer. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u0435\u043d \u0441\u043f\u043e\u0441\u043e\u0431 \u0430\u0442\u0430\u043a\u0438 \u2014 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b gRPC \u043f\u043e\u0432\u0435\u0440\u0445 h2c (HTTP/2 \u0431\u0435\u0437 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f).\n\n\u041d\u0435\u0434\u0435\u043b\u044f \u043f\u0440\u043e\u0448\u043b\u0430 \u0431\u043e\u0434\u0440\u043e \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438:\n\ud83c\udd97 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c Cisco \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u0432 ASA & FTD, CVE-2024-20481, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u0432\u044b\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u0430 RAVPN.\n\n\ud83c\udd97 Fortinet \u0437\u0430\u043a\u0440\u044b\u043b\u0430 CVE-2024-47575, RCE \u0432 FortiManager, \u0430 \u0437\u0430\u0442\u0435\u043c \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043e\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e. \u0413\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0441\u0445\u0435\u043c\u0430 \u0430\u0442\u0430\u043a\u0438 \u0442\u0430\u043a\u043e\u0432\u0430: \u0447\u0435\u0440\u0435\u0437 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u044e\u0442 MSP, \u0430 \u0437\u0430\u0442\u0435\u043c \u2014 \u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u2757\ufe0f\u041d\u0435 \u0441\u0435\u0442\u0435\u0432\u0430\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c, \u043d\u043e \u0442\u043e\u0436\u0435 \u0431\u043e\u0434\u0440\u043e \u2014  CVE-2024-38094 \u0432 SharePoint server \u0431\u044b\u0441\u0442\u0440\u043e \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c PoC, \u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u0435\u0451 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-10-28T12:05:13.000000Z"}, {"uuid": "d9cd20e8-b81b-4f49-bc94-72a887c2e96c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/654", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-47575: Critical Remote Code Execution (RCE) Vulnerability in VMware Horizon\nURL\uff1ahttps://github.com/groshi/CVE-2024-47575-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-29T13:12:35.000000Z"}, {"uuid": "4db43fef-5616-433f-aa97-b0f625afca4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/cibsecurity/80556", "content": "\ud83e\udd85 CISA Flags Critical Vulnerability (CVE-2024-47575) in Fortinet\u2019s FortiManager \ud83e\udd85\n\n  Overview\u00a0   The Cybersecurity and Infrastructure Security Agency CISA has added Fortinets FortiManager to its known Exploited Vulnerabilities KEV catalog, indicating a pressing need for organizations to address the associated risks.\u00a0   The critical vulnerability identified as CVE202447575 has been assigned a CVSS score of 9.8. This vulnerability affects various versions of FortiManager, including FortiManager 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, and 6.2.0 through 6.2.12, as well as multiple iterations of FortiManager Cloud.\u00a0\u00a0   The vulnerability stems from a missing authentication issue within the critical functions of the FortiManager fgfmd daemon, allowing remote, unauthenticated attackers to execute arbitrary commands or code ...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-10-24T17:03:42.000000Z"}, {"uuid": "8872dc6e-4626-4163-bed2-36834a7e6810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://t.me/cvedetector/8703", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47575 - Fortinet FortiManager Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47575 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.13, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:38.000000Z"}, {"uuid": "2115a1a1-d353-4392-96ff-040c14b40d74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/Celestial_Pulse24/11374", "content": "\u200aNew Threat Group UNC5820 Targets FortiManager Zero-Day CVE-2024-47575 in Global Cyberattack\n\nhttps://securityonline.info/new-threat-group-unc5820-targets-fortimanager-zero-day-cve-2024-47575-in-global-cyberattack/", "creation_timestamp": "2024-11-02T16:56:31.000000Z"}, {"uuid": "9f4434af-64be-49e7-944a-f5419decb0a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "Telegram/8vscstuB9t2zhKiGPLgRBoM0TyZl5YOM20NvbJThOJYPw9c", "content": "", "creation_timestamp": "2024-10-25T05:38:16.000000Z"}, {"uuid": "61b9d8f2-ab55-40df-8ec3-ffc8b1148b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "Telegram/Pms_nek1HbiWX4t-ihC0qitpo32DRGKXQWKdfa9tZOEt9w", "content": "", "creation_timestamp": "2024-10-24T12:19:57.000000Z"}, {"uuid": "eaca5a7d-07be-4820-87db-38478db4d1b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/ViralCyber/7301", "content": "\ud83d\udd34\u0627\u062c\u0631\u0627\u06cc Exploit \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u062e\u06cc\u0631 Fortinet\n\u25c0\ufe0f\u0627\u062e\u06cc\u0631\u0627 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc Zeroday \u062f\u0631 Fortinet \u0628\u0647 \u0646\u0627\u0645 FortiJump \u0648 \u0628\u0627 \u0634\u0645\u0627\u0631\u0647 CVE-2024-47575 \u06a9\u0634\u0641 \u0648 Patch \u0634\u062f\u0647 \u0627\u0633\u062a. \u062d\u0627\u0644\u0627 \u0645\u0634\u062e\u0635 \u0634\u062f\u0647 \u06a9\u0647 \u0627\u0632 \u0645\u0627\u0647\u200c\u0647\u0627 \u0642\u0628\u0644 \u0627\u0632 \u0627\u0646\u062a\u0634\u0627\u0631 Patch\u060c \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062a\u0648\u0633\u0637 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u0648\u0631\u062f \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0627\u0633\u062a.\n \u25c0\ufe0f\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0631\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0631 \u0631\u0648\u06cc FortiManager \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f \u0648 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc Fortinet \u062a\u062d\u062a \u0645\u062f\u06cc\u0631\u06cc\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u0646\u062f. \u0628\u0631 \u0627\u0633\u0627\u0633 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a Mandiant\u060c \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u0698\u0648\u0626\u0646 2024 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0634\u062f\u0647 \u0648 \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631  \u0642\u0631\u0628\u0627\u0646\u06cc\u0627\u0646 \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u0632\u06cc\u0627\u062f\u06cc \u062f\u0631 \u0635\u0646\u0627\u06cc\u0639 \u0645\u062e\u062a\u0644\u0641 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. Fortinet \u0648\u0635\u0644\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0648 \u0631\u0627\u0647\u06a9\u0627\u0631\u0647\u0627\u06cc\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\u25c0\ufe0f\u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631\n\n\u2709\ufe0f @PingChannel\n\u062e\u0628\u0631\u060c \u062a\u062d\u0644\u06cc\u0644\u060c \u0627\u0646\u062a\u0642\u0627\u062f - \u0641\u0646\u0627\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a\n\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\u00a0 \ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b", "creation_timestamp": "2024-10-25T06:18:33.000000Z"}, {"uuid": "86517b72-07f1-4e69-ba92-2561ff69b19f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/2110", "content": "WatchTowr POCs:\nCVE-2024-8068 & CVE-2024-8069 : Citrix Virtual Apps and Desktops (XEN) $versions - Unauthenticated Remote Code execution (Chain) \nPOC/AN : https://github.com/watchtowrlabs/Citrix-Virtual-Apps-XEN-Exploit\nCVE-2024-47575 : Fortinet FortiManager 'Fgfmsd' $versions Unauthenticated Remote Code Execution (AKA FortiJump)\nPOC/AN : https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\nCVE-2024-0012 & CVE-2024-9474 : PAN-OS $versions - Authentication Bypass LPE Root Command Injection (AKA Sslvpn _ Chain)\nPOC/AN : https://github.com/watchtowrlabs/palo-alto-panos-cve-2024-0012/\n\n\ud83d\udd34 Share & Support Us \ud83d\udd34\n\u26a1\ufe0f Channel : @ZeroEthical_Course", "creation_timestamp": "2024-12-03T00:18:01.000000Z"}, {"uuid": "5ea0a87b-e8fb-4177-997c-4129c3d52b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/Dragon_Sec/782", "content": "\u200aNew Threat Group UNC5820 Targets FortiManager Zero-Day CVE-2024-47575 in Global Cyberattack\n\nhttps://securityonline.info/new-threat-group-unc5820-targets-fortimanager-zero-day-cve-2024-47575-in-global-cyberattack/", "creation_timestamp": "2024-10-25T05:35:07.000000Z"}, {"uuid": "8a909fb2-d2b7-4e95-b620-a2af3ef85953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "Telegram/6E-aYcv70W0POUuZKvSJt8L2VrNvGeahBHOm1I5Q1gCmYg", "content": "", "creation_timestamp": "2024-10-25T05:35:07.000000Z"}, {"uuid": "068aa656-2d16-4ea9-8163-487c409a2c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/Dragon_Sec/6208", "content": "\u200aNew Threat Group UNC5820 Targets FortiManager Zero-Day CVE-2024-47575 in Global Cyberattack\n\nhttps://securityonline.info/new-threat-group-unc5820-targets-fortimanager-zero-day-cve-2024-47575-in-global-cyberattack/", "creation_timestamp": "2024-10-25T05:35:07.000000Z"}, {"uuid": "a7c225f5-455b-425a-9bbe-1a45e430e04e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "Telegram/iTNDwpLB0VtwMDCL0RLoBvP0alyYMwYnNHr0mKoNWYe0vIyH", "content": "", "creation_timestamp": "2025-01-01T23:15:18.000000Z"}, {"uuid": "ca808ffc-0ce6-4ba2-896a-3313281f40c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/24574", "content": "UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575) \u2013 hackread.com\n\nFri, 25 Oct 2024 20:03:48", "creation_timestamp": "2024-10-25T18:03:03.000000Z"}, {"uuid": "deafc5d9-b7b5-478c-9e88-164f3dba9370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "Telegram/QnBU3JoZDhQZ6GLnBrg4qmP8J5cNU_6rnWFgx3NPObdpRw", "content": "", "creation_timestamp": "2024-10-24T12:58:13.000000Z"}, {"uuid": "2561c5f2-3be0-4572-a316-d68c3ee17aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://t.me/ZeroDay_ru/370", "content": "#exploit\n1. CVE-2024-3393:\nPalo Alto Networks PAN-OS Malicious DNS Packet Vulnerability (DoS)\n\n2. CVE-2024-12908:\nDelinea Protocol Handler - RCE via Update Process\n\n3. CVE-2024-53677:\nUnrestricted Upload of File with Dangerous Type and RCE in Apache Struts\n\n4. CVE-2021-44967:\nLimeSurvey <=5.2 - RCE\n\n5. CVE-2024-47575:\nFortinet FortiManager Missing Authentication", "creation_timestamp": "2025-01-06T13:23:51.000000Z"}, {"uuid": "bad6e1b2-237f-4536-88f6-bfc14cec2c2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/10473", "content": "Fortimanager Unauthenticated Remote Code Execution AKA fortijump CVE-2024-47575\n\nPOC for CVSS 9.8 vulnerability in FortiManager, their tool for central management of FortiGate appliances.\n\nBlog: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/\n\n#1N73LL1G3NC3 #fortinet\n\n@freedomf0x", "creation_timestamp": "2024-11-15T03:55:46.000000Z"}, {"uuid": "38f5e971-a146-4f12-ac7b-18e026086e35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/5421", "content": "UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575) \u2013 hackread.com\n\nFri, 25 Oct 2024 20:03:48", "creation_timestamp": "2024-10-25T18:03:03.000000Z"}, {"uuid": "826fe46e-3fe3-46a8-ba40-c9c72cdd5d43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/KomunitiSiber/2762", "content": "Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation\nhttps://thehackernews.com/2024/10/fortinet-warns-of-critical.html\n\nFortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild.\nTracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol.\n\"A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may", "creation_timestamp": "2024-10-24T16:09:06.000000Z"}, {"uuid": "04ca752b-341d-4d8b-bc76-8629cc2a182a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "Telegram/Es_Pey5_2fMp3ynmZK51TgimDa6ZnHLvfTHJHRYaFCR1gd4", "content": "", "creation_timestamp": "2024-11-14T19:59:28.000000Z"}, {"uuid": "e73a5253-9cd4-4466-864f-ab004c4859b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/eaglecyberwashere/55280", "content": "UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575) \u2013 hackread.com\n\nFri, 25 Oct 2024 20:03:48", "creation_timestamp": "2024-10-25T18:03:03.000000Z"}, {"uuid": "d1d93483-ef0e-46f1-9d0b-8b2f43039fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/Leak_DBMS/1524", "content": "WatchTowr POCs:\nCVE-2024-8068 & CVE-2024-8069 : Citrix Virtual Apps and Desktops (XEN) $versions - Unauthenticated Remote Code execution (Chain) \nPOC/AN : https://github.com/watchtowrlabs/Citrix-Virtual-Apps-XEN-Exploit\nCVE-2024-47575 : Fortinet FortiManager 'Fgfmsd' $versions Unauthenticated Remote Code Execution (AKA FortiJump)\nPOC/AN : https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\nCVE-2024-0012 & CVE-2024-9474 : PAN-OS $versions - Authentication Bypass LPE Root Command Injection (AKA Sslvpn _ Chain)\nPOC/AN : https://github.com/watchtowrlabs/palo-alto-panos-cve-2024-0012/\n@APTIRAN", "creation_timestamp": "2024-11-29T13:06:54.000000Z"}, {"uuid": "3d69d117-b8c4-4e1b-801f-37b4b3659a1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/eaglecyberwashere/3337", "content": "UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575) \u2013 hackread.com\n\nFri, 25 Oct 2024 20:03:48", "creation_timestamp": "2024-10-25T18:03:03.000000Z"}, {"uuid": "e135182c-455a-4b2b-bdce-da335117e67e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2377", "content": "CVE-2024-47575 FortiManager\n*\n\u0423\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e \u0443\u0448\u0435\u043b push, \u0434\u0430 \u0435\u0449\u0435 \u0438 \u0437\u0430\u0430\u043f\u0440\u0443\u0432\u0438\u043b\u0438 \u0432 metasploit-framework\n\u041d\u043e \u0442\u0430\u043a \u0438\u043b\u0438 \u0438\u043d\u0430\u0447\u0435 \u043c\u043e\u0434\u0443\u043b\u044c \u0435\u0441\u0442\u044c, \u0436\u043c\u0438 msfupdate ))\n*\nPull Req\n\n#fortinet #metasploit", "creation_timestamp": "2024-11-15T19:54:45.000000Z"}, {"uuid": "4aac8cbb-ec7e-475d-b9de-6d733e643361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/10156", "content": "Fortimanager Unauthenticated Remote Code Execution AKA fortijump CVE-2024-47575\n\nPOC for CVSS 9.8 vulnerability in FortiManager, their tool for central management of FortiGate appliances.\n\nBlog: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/\n\n#1N73LL1G3NC3 #fortinet\n\n@freedomf0x", "creation_timestamp": "2024-11-15T03:55:46.000000Z"}, {"uuid": "00557102-7b85-4e21-a729-e530fdd60323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/3089", "content": "You already know about CVE-2024-47575, right? RIGHT?\n\n[ FortiManager Zero-Day (CVE-2024-47575) ]\n\nFortiManager fgfmd daemon may allow a remote unauthenticated attacker to  execute arbitrary code or commands via specially crafted requests (critical) / aka FortiJump.\n\nFrom Vendor: https://www.fortiguard.com/psirt/FG-IR-24-423\n\nFrom Mandiant: https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575", "creation_timestamp": "2024-10-24T20:29:20.000000Z"}, {"uuid": "7cc517e2-2db9-44b8-b26c-d2d1e7532228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/3322", "content": "\ud83d\udea8 Fortinet FortiManager Unauthenticated RCE (CVE-2024-47575)\n\nThe remote code execution vulnerability in FortiManager allows attackers to perform arbitrary operations by exploiting commands via the FGFM protocol, circumventing authentication. Referred to as FortiJump, this vulnerability provides unauthorized access to FortiManager, enabling control over FortiGate devices by taking advantage of insufficient security in command handling and device registration processes. \n\n\ud83d\udee0 Affected Versions:\nFortiManager 7.6.0\nFortiManager 7.4.0 through 7.4.4\nFortiManager 7.2.0 through 7.2.7\nFortiManager 7.0.0 through 7.0.12\nFortiManager 6.4.0 through 6.4.14\nFortiManager 6.2.0 through 6.2.12\nFortiManager Cloud 7.4.1 through 7.4.4\nFortiManager Cloud 7.2.1 through 7.2.7\nFortiManager Cloud 7.0.1 through 7.0.12\nFortiManager Cloud 6.4\n\n\ud83d\udd17 Research: \nhttps://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/\n\n\ud83d\udd17 Source: \nhttps://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\n\n#fortinet #fortimanager #fgfm #unauth #rce", "creation_timestamp": "2024-11-28T18:35:25.000000Z"}, {"uuid": "a63dcde7-c8fe-4564-a6c2-8a17f0f1edba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/CyberSecurityIL/59763", "content": "\u05d7\u05d5\u05dc\u05e9\u05d4 Zero Day \u05d7\u05d3\u05e9\u05d4 \u05d1\u05de\u05d5\u05e6\u05e8 \u05e9\u05dc Fortinet \u05de\u05e0\u05d5\u05e6\u05dc\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05de\u05d6\u05d4 \u05de\u05e1\u05e4\u05e8 \u05d7\u05d5\u05d3\u05e9\u05d9\u05dd \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05de\u05e1\u05d1\u05d9\u05d1 \u05dc\u05e2\u05d5\u05dc\u05dd.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 - CVE-2024-47575 \u05d4\u05de\u05db\u05d5\u05e0\u05d4 FortiJump, \u05e7\u05d9\u05d9\u05de\u05ea \u05d1\u05e8\u05db\u05d9\u05d1 Fortinet Forti Manager \u05d5\u05de\u05e0\u05d5\u05e6\u05dc\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05de\u05d0\u05d6 \u05d9\u05d5\u05e0\u05d9 \u05d4\u05e9\u05e0\u05d4.\n\n\u05d7\u05d1\u05e8\u05ea Mandiant \u05d3\u05d9\u05d5\u05d5\u05d7\u05d4 \u05d1\u05d4\u05e8\u05d7\u05d1\u05d4 \u05e2\u05dc \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05db\u05e9\u05d1\u05de\u05e7\u05d1\u05d9\u05dc \u05d2\u05dd \u05d7\u05d1\u05e8\u05ea Fortinet \u05e4\u05d9\u05e8\u05e1\u05de\u05d4 \u05d4\u05d5\u05d3\u05e2\u05d4 \u05d1\u05e0\u05d5\u05e9\u05d0.\n\nhttps://t.me/CyberSecurityIL/5935\n\n#\u05d7\u05d5\u05dc\u05e9\u05d4", "creation_timestamp": "2024-10-24T20:36:36.000000Z"}, {"uuid": "fcb35c76-cf78-4811-9cb1-493e92cccea9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/true_secator/6357", "content": "Fortinet \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e 0-day \u0441 CVSS 9,8/10 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 FortiManager.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2024-47575\u00a0\u0438 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0432 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u043c Fortinet API FGFM.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 Fortinet, \u043e\u043d\u0430 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 FortiGate \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 FortiManager \u0438 FortiGate \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u043b\u044e\u0431\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 FortiManager.\n\n\u041f\u043e\u0441\u043b\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043e\u043d\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u043b\u043e\u0441\u044c \u0432 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u043c\u0435\u044e\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 API \u043d\u0430 FortiManager.\n\nMandiant \u0432\u00a0\u043d\u043e\u0432\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e CVE-2024-47575 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u043a\u0430\u043a UNC5820, \u0441 27 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 50 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u044e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u0437 FortiManager, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\nFortinet \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438\u043b\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 FortiManager, \u043a\u0430\u043a \u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u043d\u044b\u0445 \u0431\u0430\u0437 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0434\u0430\u043d\u043d\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b UNC5820 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 FortiManager, \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043d\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435, \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u044f \u043d\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0440\u0435\u0434\u0443.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0432\u044b\u0445 \u0430\u0442\u0430\u043a \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u043d\u0435 \u0431\u044b\u043b\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, Mandiant \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u0446\u0435\u043b\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438 \u0438\u0445 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0435 \u043c\u0435\u0441\u0442\u043e\u043d\u0430\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0432\u043e \u0432\u0441\u0435\u0445 \u043b\u0438\u043d\u0435\u0439\u043a\u0430\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 7.0, 7.2, 7.4 \u0438 7.6 FortiManager.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 IOC \u0438 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u0430 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u00ab\u0431\u0435\u043b\u044b\u0445\u00bb \u0441\u043f\u0438\u0441\u043a\u043e\u0432 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432.\n\n\u041f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0434\u0430\u0442\u044b \u0432\u0437\u043b\u043e\u043c\u0430.", "creation_timestamp": "2024-10-24T16:00:07.000000Z"}, {"uuid": "03b5bef2-7764-4e45-beaf-b9e939141516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/ctinow/225530", "content": "FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024\nhttps://ift.tt/CUA1ItT", "creation_timestamp": "2024-10-24T14:06:14.000000Z"}, {"uuid": "f928cb07-4ec2-47b6-8266-f47939e3f282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1552", "content": "\ud83d\udea8 Fortinet FortiManager Unauthenticated RCE (CVE-2024-47575)\n\nThe remote code execution vulnerability in FortiManager allows attackers to perform arbitrary operations by exploiting commands via the FGFM protocol, circumventing authentication. Referred to as FortiJump, this vulnerability provides unauthorized access to FortiManager, enabling control over FortiGate devices by taking advantage of insufficient security in command handling and device registration processes. \n\n\ud83d\udee0 Affected Versions:\nFortiManager 7.6.0\nFortiManager 7.4.0 through 7.4.4\nFortiManager 7.2.0 through 7.2.7\nFortiManager 7.0.0 through 7.0.12\nFortiManager 6.4.0 through 6.4.14\nFortiManager 6.2.0 through 6.2.12\nFortiManager Cloud 7.4.1 through 7.4.4\nFortiManager Cloud 7.2.1 through 7.2.7\nFortiManager Cloud 7.0.1 through 7.0.12\nFortiManager Cloud 6.4\n\n\ud83d\udd17 Research: \nhttps://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/\n\n\ud83d\udd17 Source: \nhttps://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\n\n#fortinet #fortimanager #fgfm #unauth #rce", "creation_timestamp": "2024-11-15T07:09:37.000000Z"}, {"uuid": "04244c3a-5466-49b0-815f-c96ecdaafd9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/thehackernews/5779", "content": "\ud83d\udea8 Fortinet confirms a critical vulnerability (CVE-2024-47575 / CVSS 9.8) affecting FortiManager is being actively exploited! \n \nIt could allow unauthorized remote access, potentially compromising sensitive data & configurations. \n \nhttps://thehackernews.com/2024/10/fortinet-warns-of-critical.html \n \nDon't wait\u2014patch now.", "creation_timestamp": "2024-10-24T08:28:42.000000Z"}, {"uuid": "c3141fa7-ea7a-4565-b36b-d62b6ebb0f02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9327", "content": "Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575\n\nhttps://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/", "creation_timestamp": "2024-11-15T08:45:15.000000Z"}, {"uuid": "e301362f-e298-44b5-9bc7-edd0d585cf72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11647", "content": "#exploit\n1. CVE-2024-3393:\nPalo Alto Networks PAN-OS Malicious DNS Packet Vulnerability (DoS)\n\n2. CVE-2024-12908:\nDelinea Protocol Handler - RCE via Update Process\n\n3. CVE-2024-53677:\nUnrestricted Upload of File with Dangerous Type and RCE in Apache Struts\n\n4. CVE-2021-44967:\nLimeSurvey <=5.2 - RCE\n\n5. CVE-2024-47575:\nFortinet FortiManager Missing Authentication", "creation_timestamp": "2025-01-06T15:36:02.000000Z"}, {"uuid": "47fd96c9-aa53-473a-9d34-c0315408d3c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/311", "content": "https://github.com/Axi0n1ze/CVE-2024-47575-POC\n\nCVE POC Exploit\n#github #poc", "creation_timestamp": "2025-01-06T10:55:11.000000Z"}, {"uuid": "a01f449a-9676-46d6-902f-758ae23228de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/HackerInvestigationZone/32", "content": "\ud83d\udea8 Fortinet FortiManager Unauthenticated RCE (CVE-2024-47575)\nThe remote code execution vulnerability in FortiManager allows attackers to perform arbitrary operations by exploiting commands via the FGFM protocol circumventing authentication Referred to as FortiJump this vulnerability provides unauthorized access to FortiManager enabling control over FortiGate devices by taking advantage of insufficient security in command handling and device registration processes\n\u2699\ufe0f Affected Versions:\nFortiManager 7.6.0\nFortiManager 7.4.0 through 7.4.4\nFortiManager 7.2.0 through 7.2.7\nFortiManager 7.0.0 through 7.0.12\nFortiManager 6.4.0 through 6.4.14\nFortiManager 6.2.0 through 6.2.12\nFortiManager Cloud 7.4.1 through 7.4.4\nFortiManager Cloud 7.2.1 through 7.2.7\nFortiManager Cloud 7.0.1 through 7.0.12\nFortiManager Cloud 6.4\nResearch: \nhttps://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/\nSource: \nhttps://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\n\n#Investigation_of_hacking", "creation_timestamp": "2024-11-15T15:06:06.000000Z"}, {"uuid": "4547b05a-84a3-4806-8583-5e5ed6827e8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/2609", "content": "\ud83d\udea8 Fortinet FortiManager Unauthenticated RCE (CVE-2024-47575)\n\nThe remote code execution vulnerability in FortiManager allows attackers to perform arbitrary operations by exploiting commands via the FGFM protocol, circumventing authentication. Referred to as FortiJump, this vulnerability provides unauthorized access to FortiManager, enabling control over FortiGate devices by taking advantage of insufficient security in command handling and device registration processes. \n\n\ud83d\udee0 Affected Versions:\nFortiManager 7.6.0\nFortiManager 7.4.0 through 7.4.4\nFortiManager 7.2.0 through 7.2.7\nFortiManager 7.0.0 through 7.0.12\nFortiManager 6.4.0 through 6.4.14\nFortiManager 6.2.0 through 6.2.12\nFortiManager Cloud 7.4.1 through 7.4.4\nFortiManager Cloud 7.2.1 through 7.2.7\nFortiManager Cloud 7.0.1 through 7.0.12\nFortiManager Cloud 6.4\n\n\ud83d\udd17 Research: \nhttps://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/\n\n\ud83d\udd17 Source: \nhttps://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\n\n#fortinet #fortimanager #fgfm #unauth #rce", "creation_timestamp": "2025-02-15T16:51:49.000000Z"}, {"uuid": "d7f93cee-ef5d-4ea8-9ec6-ecc0c4a6b30a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://t.me/club31337/2849", "content": "https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575\n\n@club1337", "creation_timestamp": "2024-11-11T02:57:27.000000Z"}, {"uuid": "ca672f23-cd14-4da7-95ff-d70610d837e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "exploited", "source": "https://t.me/club31337/2939", "content": "https://attackerkb.com/topics/OFBGprmpIE/cve-2024-47575/rapid7-analysis\n\nhttps://www.rapid7.com/blog/post/2024/10/23/etr-fortinet-fortimanager-cve-2024-47575-exploited-in-zero-day-attacks/\n\n@club31337", "creation_timestamp": "2024-11-13T23:51:35.000000Z"}, {"uuid": "d4a215f6-5d12-4a0f-8fc8-4a253f4754a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47575", "type": "seen", "source": "https://t.me/sysodmins/23522", "content": "Fortinet \u043e\u0431\u0432\u0438\u043d\u044f\u044e\u0442 \u0432 \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c RCE-\u0431\u0430\u0433\u0435 \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \ud83d\udd0d\n\n\u041a\u0430\u043a \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b \u0418\u0411-\u044d\u043a\u0441\u043f\u0435\u0440\u0442 \u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0442, \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 13 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439 FortiManager \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u043f\u0430\u043d\u0435\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f FortiManager \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0438\u043b\u0438 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0438\u0439\u043d\u044b\u043c\u0438 \u043d\u043e\u043c\u0435\u0440\u0430\u043c\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e, \u0441\u0443\u0434\u044f \u043f\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u043c \u0438\u043c \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u043c, \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u00ab\u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435\u00bb \u0445\u0430\u043a\u0435\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 2024 \u0433\u043e\u0434\u0430 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430 Reddit \u0442\u0430\u043a \u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u043e 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u00ab\u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 Fortigate \u0438\u0437 \u043b\u044e\u0431\u043e\u0433\u043e Fortigate, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 FortiManager \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a \u043d\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u00bb.\n\n\u0422\u043e\u043b\u044c\u043a\u043e \u0441\u043f\u0443\u0441\u0442\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u0438\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Fortinet \u043d\u0430\u043a\u043e\u043d\u0435\u0446 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 FortiJump, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-47575 (9,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS). \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u044f\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 FortiManager \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 13 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438, \u0447\u0442\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u043e\u043c \u044d\u0442\u0430\u043f\u0435 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b FortiManager \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a FortiGate \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e.\n\n\u0417\u0430\u0442\u043e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Mandiant \u0443\u0436\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e, \u043f\u043e \u0438\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 FortiJump \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438\u0437 \u0445\u0430\u043a-\u0433\u0440\u0443\u043f\u043f\u044b UNC5820 \u0441 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430, \u0438 \u043e\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 50 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2024-10-26T05:44:54.000000Z"}]}