SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

August 15, 2024

North Korean APT Kimsuky aka Black Banshee – Active IOCs

August 15, 2024

CVE-2024-21757 – Fortinet FortiManager Vulnerability

August 15, 2024

Severity

Medium

Analysis Summary

CVE-2024-21757

Fortinet FortiManager or FortiAnalyzer could allow a remote attacker to bypass security restrictions, caused by an unverified password change vulnerability. An attacker could exploit this vulnerability to allow an attacker to modify admin passwords via the device configuration backup.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2024-21757

Affected Vendors

Fortinet

Affected Products

Fortinet FortiAnalyzer - 7.4.0
Fortinet FortiManager - 7.4.0

Remediation

Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.

FortiGuard Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

NCSC Alerts on Fortinet Malware

Confucius APT Resurfaces with Stealthy Anondoor Backdoor Framework – Active IOCs

Apache CloudStack Privilege Escalation Flaw

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation