Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
The Hacker News – Ravie Lakshmanan
The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group.

Threat intelligence firm Mandiant, which made the attribution, said the activity cluster is part of a broader campaign designed to deploy backdoors onto Fortinet and VMware solutions and maintain persistent access to victim environments.

The vulnerability, tracked as CVE-2022-41328 (CVSS score: 6.5), concerns a path traversal bug in FortiOS that could lead to arbitrary code execution. It was patched by Fortinet on March 7, 2023.
Link: https://thehackernews.com/2023/03/chinese-hackers-exploit-fortinet-zero.html