CVE STALKER

CVE-2022-41328

CVSS
DESCRIPTIONA improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands.
HEAT SCORE202

WORDS

TWEETS

DATE TWEETS USER
2023-03-24 00:11:02Fortinet FortiOS の深刻な脆弱性 CVE-2022-41328:政府機関への攻撃で悪用される – IoT OT Security News https://t.co/aBrZstUNBi "このマルウェアは、[… https://t.co/QTrtNcpscX https://iototsecnews.jp/2023/03/13/fortinet-new-fortios-bug-used-as-zero-day-to-attack-govt-networks/ https://twitter.com/i/web/status/1639056299790077952catnap707
2023-03-23 23:10:14Fortinet FortiOS の深刻な脆弱性 CVE-2022-41328:政府機関への攻撃で悪用される #security #fortinet #vulnerability #cyberattack https://t.co/udsX8WV6Il http://iototsecnews.jp/2023/03/13/fortinet-new-fortios-bug-used-as-zero-day-to-attack-govt-networks/iototsecnews
2023-03-22 15:53:09Fortinet FortiOS Path Traversal Vulnerability (CVE-2022-41328) https://t.co/RSiW4detvy https://t.co/lNRR4CKboH https://threatprotect.qualys.com/2023/03/15/fortinet-fortios-path-traversal-vulnerability-cve-2022-41328/qualys
2023-03-20 04:40:46CISA ALERT! CVE-2022-41328 ( FortiOS ) #KnowYourSCORE now --> https://t.co/bWM0zLT0IE… https://t.co/ONoiPNWakG https://riskscore.info/cve/CVE-2022-41328/new https://twitter.com/i/web/status/1637672828504879106seconize_co
2023-03-17 16:56:26المهاجمين يستهدفون المنظمات والجهات من خلال استغلال ثغرة CVE-2022-41328 وهي ثغرة في انظمة FortiOS تمكن المهاجم من ت… https://t.co/CK9sAPjxf5 https://twitter.com/i/web/status/1636770745471713281MAlajab
2023-03-17 16:34:54中国に関連したグループUNC3886、Fortinetのゼロデイ脆弱性CVE-2022-41328を悪用し、スパイ活動を行っていた。 https://t.co/S06SeFqjCy @TheRecord_Media https://therecord.media/china-linked-hackers-exploit-fortinet-zero-dayishizuki
2023-03-17 15:07:34Mandiant links exploitation of the Fortinet zero-day CVE-2022-41328, exploited in government attacks, to a Chinese… https://t.co/izxcB1BSoe https://twitter.com/i/web/status/1636742952633397248skunkcyberteam
2023-03-17 13:44:55تقرير يربط إستغلال ثغرة Fortinet غير معرفة Zero-day يشار لها بالرقم CVE-2022-41328 بمجموعة الهجوم الصينية UNC3886 https://t.co/nOuEAMc1gq https://www.mandiant.com/resources/blog/fortinet-malware-ecosystemSOCWALL_tw
2023-03-17 10:21:51Mandiant links exploitation of the Fortinet zero-day CVE-2022-41328, exploited in government attacks, to a Chinese… https://t.co/Mmw4kZuoUr https://twitter.com/i/web/status/1636673480207859715EduardKovacs
2023-03-16 23:04:28【Fortinetのゼロデイ悪用した攻撃、中国ハッカーによるものか】先週報告された、FortiOSのゼロデイCVE-2022-41328を悪用して政府組織を狙う攻撃についてMandiantがレポートを発表。同社は、この攻撃は中国と… https://t.co/mHL8EA1QR9 https://twitter.com/i/web/status/1636501297276002304MachinaRecord
2023-03-16 21:53:49Warning: CVE-2022-41328, a FortiOS security flaw, is now actively exploited in attacks against governmental entitie… https://t.co/afV0kAU4jC https://twitter.com/i/web/status/1636483866784309248certbe
2023-03-16 07:22:53📌 FortiNET FortiOS CVE-2022-41328 📍 The CVE-2022-41328 vulnerability (CVSS score: 6.5) is a path traversal issue in… https://t.co/b8PTHFuT73 https://twitter.com/i/web/status/1636265317830651909onuroktay
2023-03-15 20:44:49Analysis of FG-IR-22-369 | Multiple IoCs have been uncovered related to the incident FG-IR-22-369 / CVE-2022-41328.… https://t.co/0gCdO9x4ZG https://twitter.com/i/web/status/1636100969581752320jhondarred
2023-03-15 13:03:02Update: Fortinet RCE Kwetsbaarheid Op 7 maart 2023 publiceerde #Fortinet een Advisory waarin CVE-2022-41328 wordt b… https://t.co/Ve9qN73VIU https://twitter.com/i/web/status/1635987472474685440HemmenJD
2023-03-15 10:09:27CISAの「悪用が確認されている脆弱性カタログ」に3件追加されていました。 CVE-2023-23397(Outlook) CVE-2023-24880(Windows) CVE-2022-41328(FortiOS)… https://t.co/qAsMP6f1aM https://twitter.com/i/web/status/1635939026980188160ntsuji
2023-03-15 00:25:00La falla es del tipo día cero. Está catalogada como CVE-2022-41328. Es un error de nivel medio en FortiOS que p… https://t.co/cFA1vggGCk https://twitter.com/i/web/status/1635797301682683905CycuraMX
2023-03-14 20:57:25🚨 Alerta por explotación activa de FortiOS CVE-2022-41328 para instalación de Malware y Backdoors en redes gubernam… https://t.co/GfAcfRSUi7 https://twitter.com/i/web/status/1635744373403967489Cronup_CyberSec
2023-03-14 18:57:16Some iocs referring to #CVE-2022-41328 IoCs: 47.252.20[.]90 File Hashes: Auth - b6e92149efaf78e9ce7552297505b9d5… https://t.co/sdOSAiwPjh https://twitter.com/i/web/status/1635714024988868635lucasbnery
2023-03-14 18:51:33🔊 #CVE-2023-23397, CVE-2023-24880 & CVE-2022-41328 have been added to @CISAgov’s Known Exploited Vulnerabilities Ca… https://t.co/QZqZ4bu360 https://twitter.com/i/web/status/1635714608378855425CISACyber
2023-03-14 18:42:05⚠️Alerte CERT-FR⚠️ La vulnérabilité CVE-2022-41328 affectant FortiOS est activement exploitée dans le cadre d'attaq… https://t.co/KN8Z8r0PTX https://twitter.com/i/web/status/1635711247134990336CERT_FR
2023-03-14 18:38:01CVE-2022-41328 https://t.co/c9EBYFam6e #HarsiaInfo https://har-sia.info/CVE-2022-41328.htmlHar_sia
2023-03-14 18:25:40CVE-2022-41328 - Fortinet FortiOS Path Traversal Vulnerability has been added to the KEV catalog.KEV_bot_1
2023-03-14 17:19:31🛑 Ce nouvel exploit FortiOS pour la faille de sécurité CVE-2022-41328 est utilisé pour compromettre des organisatio… https://t.co/CH3t66fThD https://twitter.com/i/web/status/1635689293262860325ITConnect_fr
2023-03-14 16:46:39New post from https://t.co/uXvPWJy6tj (CVE-2022-41328 (fortios)) has been published on https://t.co/SNs4bNOgOC http://www.sesin.at https://www.sesin.at/2023/03/14/cve-2022-41328-fortios/WolfgangSesin
2023-03-14 16:46:06New post from https://t.co/9KYxtdZjkl (CVE-2022-41328 (fortios)) has been published on https://t.co/UUZsp6Paqe http://www.sesin.at https://www.sesin.at/2023/03/14/cve-2022-41328-fortios/www_sesin_at
2023-03-14 16:13:32Update: Fortinet RCE Kwetsbaarheid Op 7 maart 2023 publiceerde #Fortinet een Advisory waarin CVE-2022-41328 wordt b… https://t.co/pNdVcWlCcK https://twitter.com/i/web/status/1635672242301333505Tesorion_NL
2023-03-14 15:36:31🚨 NEW: CVE-2022-41328 🚨 A improper limitation of a pathname to a restricted directory vulnerability ('path traversa… https://t.co/12eeMjPlSL https://twitter.com/i/web/status/1635663814422147076threatintelctr
2023-03-14 14:12:11#QuickScan: Threat actors actively exploiting zero-day bug (CVE-2022-41328) in FortiOS Read More:… https://t.co/qaS2o8NVkC https://twitter.com/i/web/status/1635643845466550275niiconsulting
2023-03-14 14:00:18Top 3 trending CVEs on Twitter Past 24 hrs: CVE-2022-41328: 1.3M (audience size) CVE-2023-27532: 427.7K CVE-2023-2… https://t.co/mmyPQqELU7 https://twitter.com/i/web/status/1635641946852016134CVEtrends
2023-03-14 13:39:22Le rapport choquant de Fortinet révèle que les attaquants ont utilisé des exploits CVE-2022-41328 pour infiltrer et… https://t.co/HByoIaw02o https://twitter.com/i/web/status/1635633093859065858HaboubiAnis
2023-03-14 12:42:46A falha de dia zero em questão é CVE-2022-41328 (pontuação CVSS: 6,5), um bug de travessia de caminho de segurança… https://t.co/67MBwr1Ocq https://twitter.com/i/web/status/1635621509233254401EsocTm6
2023-03-14 11:56:27Fortinet says recently patched FortiOS vulnerability CVE-2022-41328 was exploited in sophisticated attacks targetin… https://t.co/jr1SezN0lV https://twitter.com/i/web/status/1635607959505076224EduardKovacs
2023-03-14 11:47:33⚠ CVE-2022-41328 exploitation - Multiple FortiGate Firewalls were taken down using FortiManager - The exploit requi… https://t.co/UnGNFFOsRK https://twitter.com/i/web/status/1635604531449872384BushidoToken
2023-03-14 10:01:46Fortinet曰く、3/7に修正のFortiOSの深刻な脆弱性(CVE-2022-41328)は、ゼロデイとして政府ネットワークへの攻撃に使われた。FIPSエラー(ファームウェア完全性の自己診断に不合格)による機器の電源断をうけ… https://t.co/Rt3pjFsJAC https://twitter.com/i/web/status/1635579656828256256__kokumoto
2023-03-14 09:14:39🚨FortiOSの新しいバグが政府機関ネットワークへの攻撃でゼロデイとして利用される:CVE-2022-41328 ⚠️Zoll Medicalのデータ侵害、100万人に影響 😈CatBランサムウェアはMSDTCサービスを使っ… https://t.co/f99BLgPAps https://twitter.com/i/web/status/1635566077064413184MachinaRecord
2023-03-14 01:21:08ゼロデイぽいな🤔 > "Fortinet report published last week revealed that CVE-2022-41328 exploits had been used to hack and tak… https://t.co/2VVMgGMO11 https://twitter.com/i/web/status/1635450143616147456ohhara_shiojiri
2023-03-14 00:10:35Fortinetが観測したCVE-2022-41328を悪用した攻撃はかなり的を絞った攻撃だった。また攻撃者はFortiGateデバイスのOS(FortiOS)のさまざまな部分をリバースエンジニアリングするなど、「高度な能力」を示… https://t.co/fiss2J3bR6 https://twitter.com/i/web/status/1635432478860259329MachinaRecord
2023-03-13 23:33:01【FortiOSの新たな脆弱性、政府ネットワークへの攻撃のためにゼロデイとして悪用されていた:CVE-2022-41328】Fortinetは先週、同脆弱性が、ある顧客の複数のFortiGateデバイスのハッキング・テイクダウンの… https://t.co/gLTZcHuGxj https://twitter.com/i/web/status/1635421109146484740MachinaRecord
2023-03-13 22:50:52Fortinet:新的FortiOS错误被用作零日攻击政府网络 Fortinet于2023年3月7日发布了安全更新,以解决这个允许威胁行为者执行未经授权的代码或命令的高度严重安全漏洞(CVE-2022-41328) https://t.co/luxo1713Uh https://www.bleepingcomputer.com/news/security/fortinet-new-fortios-bug-used-as-zero-day-to-attack-govt-networks/Herdwolfman
2023-03-13 07:41:383月7日に修正されたFortinet製品の脆弱性15件の内の1つであるCVE-2022-41328が実際に悪用されてるぽいのに、海外メディア含めてどこも報道してないのは何事・・・? 影響範囲もかなり広いので要注意… https://t.co/6xoqcS7b20 https://twitter.com/i/web/status/1635183564320022528nekono_naha
2023-03-12 15:30:38Fortinet published a CVSS Medium PSIRT Advisory (FG-IR-22-369 / CVE-2022-41328) on March 7th, 2023. The following w… https://t.co/WQsMTVJFC0 https://twitter.com/i/web/status/1634937303150780416miladmantashi
2023-03-10 07:47:26先日の公表では特に書かれてませんでしたが、CVE-2022-41328 は実際のインシデントで見つかったゼロデイの模様。 『The complexity of the exploit suggests an advanced a… https://t.co/sllUMk0HaC https://twitter.com/i/web/status/1634095680204709888autumn_good_35
2023-03-08 17:52:28🟡 CVE-2022-41328 - CVSS v3 6.5/10 🟡 CVE-2022-41329 - CVSS v3 5.2/10 🟡 CVE-2022-41333 - CVSS v3 6.8/10 🔴 CVE-2023-25… https://t.co/QfNumLGw5s https://twitter.com/i/web/status/1633525166683611138Cronup_CyberSec
2023-03-08 08:48:19Fortinet FortiOS の CLI の処理に任意のファイルを読み書きされる問題 (CVE-2022-41328) [45302] https://t.co/HOXjmkzGMe #SIDfm #脆弱性情報 https://sid.softek.jp/content/show/45302sidfm_jp
2023-03-08 08:03:29New post from https://t.co/uXvPWJy6tj (CVE-2022-41328 | Fortinet FortiOS up to 6.4.11/7.0.9/7.2.3 CLI Command path… https://t.co/f3C0HjKpoM http://www.sesin.at https://twitter.com/i/web/status/1633373317707997184WolfgangSesin
2023-03-08 08:02:34New post from https://t.co/9KYxtdZjkl (CVE-2022-41328 | Fortinet FortiOS up to 6.4.11/7.0.9/7.2.3 CLI Command path… https://t.co/TZhgWdJB7a http://www.sesin.at https://twitter.com/i/web/status/1633373319989690369www_sesin_at
2023-03-07 21:26:23One night, CVE-2022-41328 wished upon a star, and today that wish has been granted. It now has a name, like a real,… https://t.co/09rukiXOe6 https://twitter.com/i/web/status/1633214754482425857vulnonym
2023-03-07 20:00:48CVE-2022-41328 A improper limitation of a pathname to a restricted directory vul... https://t.co/vF3HcMQewU Cust… https://t.co/UzZ1F2FyVV http://vulmon.com/vulnerabilitydetails?qid=CVE-2022-41328 https://twitter.com/i/web/status/1633195683921690624VulmonFeeds
2023-03-07 19:56:04New post from https://t.co/uXvPWJy6tj (CVE-2022-41328) has been published on https://t.co/7KY7Xpjjtk http://www.sesin.at https://www.sesin.at/2023/03/07/cve-2022-41328/WolfgangSesin
2023-03-07 19:55:21New post from https://t.co/9KYxtdZjkl (CVE-2022-41328) has been published on https://t.co/HEPDmr5daJ http://www.sesin.at https://www.sesin.at/2023/03/07/cve-2022-41328/www_sesin_at
2023-03-07 17:48:41🚨 NEW: CVE-2022-41328 🚨 A improper limitation of a pathname to a restricted directory vulnerability ('path traversa… https://t.co/VWpiAXkDg7 https://twitter.com/i/web/status/1633157286716907521threatintelctr
2023-03-07 17:37:01CVE-2022-41328 A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-… https://t.co/l06WhDdiu0 https://twitter.com/i/web/status/1633157864490684416eyeTSystems
2023-03-07 17:29:16CVE-2022-41328 : A improper limitation of a pathname to a restricted directory vulnerability 'path traversal' [CW… https://t.co/BUb4nVDJCf https://twitter.com/i/web/status/1633151954485407760CVEreport
2023-03-07 16:54:32CVE-2022-41328 A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-… https://t.co/KPirtKWijo https://twitter.com/i/web/status/1633146823337549825CVEnew