Hackers Claim They Are Selling FortiGate Firewall Access

A threat actor has advertised a zero-day exploit targeting Fortinet's FortiGate firewall products on a prominent Dark Web forum. The exploit is claimed to enable unauthenticated remote code execution (RCE) and full configuration access to FortiOS, allowing attackers to seize control of vulnerable devices without needing credentials.

This alarming development has raised concerns amongst some users about the security of Fortinet firewalls, widely used in enterprises and government agencies globally.

The forum post, observed by ThreatMon, claims the exploit has extensive capabilities, including access to sensitive configuration files extracted from compromised devices. The exploit appears to target versions of FortiOS vulnerable to authentication bypass flaws, which have been a recurrent problem with Fortinet products.

These files are purported to include:

  • Local user credentials: Stored encrypted passwords.
  • Admin account details: Permissions and trust relationships documented.
  • Two-factor authentication (2FA) status: Information on FortiToken configurations.
  • Firewall policies and network configurations: Complete rule sets, NAT mappings, internal IP assets, and address groups.

Such data could allow attackers to bypass security measures, infiltrate networks, and potentially launch further attacks. 

Fortinet has moved quickly to mitigate the issue and address the challenges customers might face, issuing specific advice and urging customers to update their devices to protect their systems against further risk of compromise.

ThreatMon | Fortinet | Security Week | Cybersecurity News | Reddit | The 420
