Exploit traffic against the Fortinet VPN CVE-2022-43475 vulnerability have spiked in recent weeks.
Fortinet has patched a serious bug (CVE-2022-39947) in its FortiADC application delivery controllers.
A new critical vulnerability (CVE-2022-42475) in Fortinet's Fortigate firewall has been actively exploited.
Fortinet said many of its customers still have not updated to fix CVE-2022-40684, which has been under active attack for two weeks.
Mass exploitation of a new Fortinet authentication bypass flaw (CVE-2022-40684) is ongoing and proof of concept exploits are available.