CISA Flags Unauthorized Access Issues by Nation-State Agents in Fortinet and Zoho Systems
- The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning that Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus have security flaws.
- Multiple nation-state actors are exploiting these security weak points to gain unauthorized access to, and establish persistence on, compromised systems.
- Nation-state advanced persistent threat (APT) actors used CVE-2022-47966 to gain unauthorized access.
Fortinet And Zoho Under the Spotlight
It sounds like the security of Fortinet and Zoho could use a stronger fortification! According to the Cybersecurity and Infrastructure Security Agency (CISA), these systems have become playgrounds for nation-state actors looking for security loopholes to exploit. In simpler terms, these actors are climbing through the digital windows and leaving their shoes on the carpet.
Exploiting Weak Security Points
In cyber language, your system’s weakest link is comparable to your grandpa trying to send a text message for the first time. It’s vulnerable and hackers, like naughty neighborhood kids, love to take advantage of it. In this scenario, several nation-state actors have exploited these weak points in Fortinet’s FortiOS SSL-VPN and Zoho’s ManageEngine ServiceDesk Plus, gaining unauthorized access and establishing persistence on compromised systems.
APT Actors Employ CVE-2022-47966
Think of CVE-2022-47966 as a master key made out of ones and zeros. This ‘digital skeleton key’ is what the Advanced Persistent Threat (APT) actors used to gain unauthorized access. This basically means they’re sticking around longer than your chatty aunt after a family gathering, and just as hard to get rid of!
Pulling it all together, the Cybersecurity and Infrastructure Security Agency (CISA) has waved the red flag on Fortinet and Zoho’s systems. A combination of weak security points and the exploitation of CVE-2022-47966 has allowed multiple nation-state actors to gain improper access and maintain a persistent presence on these systems. So, it appears it’s not just your dad who stays too long at the party; nation-state actors do it too, but on a whole different level!
Original Article: https://thehackernews.com/2023/09/cisa-warning-nation-state-hackers.html