Fortinet Confirms New Zero-Day Behind Malicious SSO Logins
Overview
Fortinet has confirmed a new zero-day vulnerability that is allowing attackers to exploit single sign-on (SSO) authentication for malicious logins. In response to the ongoing attacks, the company has temporarily disabled FortiCloud SSO authentication across all devices to mitigate the risk. This means that users relying on this feature for secure access may face disruptions while Fortinet works on a solution. The situation is particularly concerning as it puts sensitive information at risk and could lead to unauthorized access to critical systems. Companies using Fortinet products should monitor the situation closely and be prepared to implement any updates once they are released.
Key Takeaways
- Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
- Affected Systems: FortiCloud SSO authentication
- Action Required: Temporarily disabled FortiCloud SSO authentication for all devices.
- Timeline: Newly disclosed
Original Article Summary
To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication for all devices.
Impact
FortiCloud SSO authentication
Exploitation Status
This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.
Timeline
Newly disclosed
Remediation
Temporarily disabled FortiCloud SSO authentication for all devices
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to Zero-day, Fortinet, Exploit, and 2 more.