Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)
released on 2023-01-20 @ 02:58:02 PM
Mandiant is tracking a suspected China-nexus campaign believed to have exploited a recently announced vulnerability in Fortinet's FortiOS SSL-VPN, CVE-2022-42475, as a zero-day. Evidence suggests the exploitation was occurring as early as October 2022 and identified targets include a European government entity and a managed service provider located in Africa.