Threat actor allegedly selling Fortinet firewall zero-day exploit

Just as Fortinet is warning of threat actors maintaining persistent access to FortiOS and FortiProxy devices affected by known vulnerabilities, a threat actor is offering to sell an alleged zero-day exploit targeting FortiGate firewalls.

Over the weekend, cybersecurity firm ThreatMon warned on X of a post on a dark web forum, in which a threat actor claims that a zero-day in Fortinet’s FortiGate firewalls could be exploited remotely, without authentication, to execute arbitrary code.

Read more at Security Week