WORDS
| CVSS | |
|---|---|
| DESCRIPTION | A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands. |
| HEAT SCORE | 197 |
| DATE | TWEETS | USER |
|---|---|---|
| 2023-03-22 15:53:09 | Fortinet FortiOS Path Traversal Vulnerability (CVE-2022-41328) https://t.co/RSiW4detvy https://t.co/lNRR4CKboH https://threatprotect.qualys.com/2023/03/15/fortinet-fortios-path-traversal-vulnerability-cve-2022-41328/ | qualys |
| 2023-03-20 04:40:46 | CISA ALERT! CVE-2022-41328 ( FortiOS ) #KnowYourSCORE now --> https://t.co/bWM0zLT0IE… https://t.co/ONoiPNWakG https://riskscore.info/cve/CVE-2022-41328/new https://twitter.com/i/web/status/1637672828504879106 | seconize_co |
| 2023-03-17 16:56:26 | المهاجمين يستهدفون المنظمات والجهات من خلال استغلال ثغرة CVE-2022-41328 وهي ثغرة في انظمة FortiOS تمكن المهاجم من ت… https://t.co/CK9sAPjxf5 https://twitter.com/i/web/status/1636770745471713281 | MAlajab |
| 2023-03-17 16:34:54 | 中国に関連したグループUNC3886、Fortinetのゼロデイ脆弱性CVE-2022-41328を悪用し、スパイ活動を行っていた。 https://t.co/S06SeFqjCy @TheRecord_Media https://therecord.media/china-linked-hackers-exploit-fortinet-zero-day | ishizuki |
| 2023-03-17 15:07:34 | Mandiant links exploitation of the Fortinet zero-day CVE-2022-41328, exploited in government attacks, to a Chinese… https://t.co/izxcB1BSoe https://twitter.com/i/web/status/1636742952633397248 | skunkcyberteam |
| 2023-03-17 13:44:55 | تقرير يربط إستغلال ثغرة Fortinet غير معرفة Zero-day يشار لها بالرقم CVE-2022-41328 بمجموعة الهجوم الصينية UNC3886 https://t.co/nOuEAMc1gq https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem | SOCWALL_tw |
| 2023-03-17 10:21:51 | Mandiant links exploitation of the Fortinet zero-day CVE-2022-41328, exploited in government attacks, to a Chinese… https://t.co/Mmw4kZuoUr https://twitter.com/i/web/status/1636673480207859715 | EduardKovacs |
| 2023-03-16 23:04:28 | 【Fortinetのゼロデイ悪用した攻撃、中国ハッカーによるものか】先週報告された、FortiOSのゼロデイCVE-2022-41328を悪用して政府組織を狙う攻撃についてMandiantがレポートを発表。同社は、この攻撃は中国と… https://t.co/mHL8EA1QR9 https://twitter.com/i/web/status/1636501297276002304 | MachinaRecord |
| 2023-03-16 21:53:49 | Warning: CVE-2022-41328, a FortiOS security flaw, is now actively exploited in attacks against governmental entitie… https://t.co/afV0kAU4jC https://twitter.com/i/web/status/1636483866784309248 | certbe |
| 2023-03-16 07:22:53 | 📌 FortiNET FortiOS CVE-2022-41328 📍 The CVE-2022-41328 vulnerability (CVSS score: 6.5) is a path traversal issue in… https://t.co/b8PTHFuT73 https://twitter.com/i/web/status/1636265317830651909 | onuroktay |
| 2023-03-15 20:44:49 | Analysis of FG-IR-22-369 | Multiple IoCs have been uncovered related to the incident FG-IR-22-369 / CVE-2022-41328.… https://t.co/0gCdO9x4ZG https://twitter.com/i/web/status/1636100969581752320 | jhondarred |
| 2023-03-15 13:03:02 | Update: Fortinet RCE Kwetsbaarheid Op 7 maart 2023 publiceerde #Fortinet een Advisory waarin CVE-2022-41328 wordt b… https://t.co/Ve9qN73VIU https://twitter.com/i/web/status/1635987472474685440 | HemmenJD |
| 2023-03-15 10:09:27 | CISAの「悪用が確認されている脆弱性カタログ」に3件追加されていました。 CVE-2023-23397(Outlook) CVE-2023-24880(Windows) CVE-2022-41328(FortiOS)… https://t.co/qAsMP6f1aM https://twitter.com/i/web/status/1635939026980188160 | ntsuji |
| 2023-03-15 00:25:00 | La falla es del tipo día cero. Está catalogada como CVE-2022-41328. Es un error de nivel medio en FortiOS que p… https://t.co/cFA1vggGCk https://twitter.com/i/web/status/1635797301682683905 | CycuraMX |
| 2023-03-14 20:57:25 | 🚨 Alerta por explotación activa de FortiOS CVE-2022-41328 para instalación de Malware y Backdoors en redes gubernam… https://t.co/GfAcfRSUi7 https://twitter.com/i/web/status/1635744373403967489 | Cronup_CyberSec |
| 2023-03-14 18:57:16 | Some iocs referring to #CVE-2022-41328 IoCs: 47.252.20[.]90 File Hashes: Auth - b6e92149efaf78e9ce7552297505b9d5… https://t.co/sdOSAiwPjh https://twitter.com/i/web/status/1635714024988868635 | lucasbnery |
| 2023-03-14 18:51:33 | 🔊 #CVE-2023-23397, CVE-2023-24880 & CVE-2022-41328 have been added to @CISAgov’s Known Exploited Vulnerabilities Ca… https://t.co/QZqZ4bu360 https://twitter.com/i/web/status/1635714608378855425 | CISACyber |
| 2023-03-14 18:42:05 | ⚠️Alerte CERT-FR⚠️ La vulnérabilité CVE-2022-41328 affectant FortiOS est activement exploitée dans le cadre d'attaq… https://t.co/KN8Z8r0PTX https://twitter.com/i/web/status/1635711247134990336 | CERT_FR |
| 2023-03-14 18:38:01 | CVE-2022-41328 https://t.co/c9EBYFam6e #HarsiaInfo https://har-sia.info/CVE-2022-41328.html | Har_sia |
| 2023-03-14 18:25:40 | CVE-2022-41328 - Fortinet FortiOS Path Traversal Vulnerability has been added to the KEV catalog. | KEV_bot_1 |
| 2023-03-14 17:19:31 | 🛑 Ce nouvel exploit FortiOS pour la faille de sécurité CVE-2022-41328 est utilisé pour compromettre des organisatio… https://t.co/CH3t66fThD https://twitter.com/i/web/status/1635689293262860325 | ITConnect_fr |
| 2023-03-14 16:46:39 | New post from https://t.co/uXvPWJy6tj (CVE-2022-41328 (fortios)) has been published on https://t.co/SNs4bNOgOC http://www.sesin.at https://www.sesin.at/2023/03/14/cve-2022-41328-fortios/ | WolfgangSesin |
| 2023-03-14 16:46:06 | New post from https://t.co/9KYxtdZjkl (CVE-2022-41328 (fortios)) has been published on https://t.co/UUZsp6Paqe http://www.sesin.at https://www.sesin.at/2023/03/14/cve-2022-41328-fortios/ | www_sesin_at |
| 2023-03-14 16:13:32 | Update: Fortinet RCE Kwetsbaarheid Op 7 maart 2023 publiceerde #Fortinet een Advisory waarin CVE-2022-41328 wordt b… https://t.co/pNdVcWlCcK https://twitter.com/i/web/status/1635672242301333505 | Tesorion_NL |
| 2023-03-14 15:36:31 | 🚨 NEW: CVE-2022-41328 🚨 A improper limitation of a pathname to a restricted directory vulnerability ('path traversa… https://t.co/12eeMjPlSL https://twitter.com/i/web/status/1635663814422147076 | threatintelctr |
| 2023-03-14 14:12:11 | #QuickScan: Threat actors actively exploiting zero-day bug (CVE-2022-41328) in FortiOS Read More:… https://t.co/qaS2o8NVkC https://twitter.com/i/web/status/1635643845466550275 | niiconsulting |
| 2023-03-14 14:00:18 | Top 3 trending CVEs on Twitter Past 24 hrs: CVE-2022-41328: 1.3M (audience size) CVE-2023-27532: 427.7K CVE-2023-2… https://t.co/mmyPQqELU7 https://twitter.com/i/web/status/1635641946852016134 | CVEtrends |
| 2023-03-14 13:39:22 | Le rapport choquant de Fortinet révèle que les attaquants ont utilisé des exploits CVE-2022-41328 pour infiltrer et… https://t.co/HByoIaw02o https://twitter.com/i/web/status/1635633093859065858 | HaboubiAnis |
| 2023-03-14 12:42:46 | A falha de dia zero em questão é CVE-2022-41328 (pontuação CVSS: 6,5), um bug de travessia de caminho de segurança… https://t.co/67MBwr1Ocq https://twitter.com/i/web/status/1635621509233254401 | EsocTm6 |
| 2023-03-14 11:56:27 | Fortinet says recently patched FortiOS vulnerability CVE-2022-41328 was exploited in sophisticated attacks targetin… https://t.co/jr1SezN0lV https://twitter.com/i/web/status/1635607959505076224 | EduardKovacs |
| 2023-03-14 11:47:33 | ⚠ CVE-2022-41328 exploitation - Multiple FortiGate Firewalls were taken down using FortiManager - The exploit requi… https://t.co/UnGNFFOsRK https://twitter.com/i/web/status/1635604531449872384 | BushidoToken |
| 2023-03-14 10:01:46 | Fortinet曰く、3/7に修正のFortiOSの深刻な脆弱性(CVE-2022-41328)は、ゼロデイとして政府ネットワークへの攻撃に使われた。FIPSエラー(ファームウェア完全性の自己診断に不合格)による機器の電源断をうけ… https://t.co/Rt3pjFsJAC https://twitter.com/i/web/status/1635579656828256256 | __kokumoto |
| 2023-03-14 09:14:39 | 🚨FortiOSの新しいバグが政府機関ネットワークへの攻撃でゼロデイとして利用される:CVE-2022-41328 ⚠️Zoll Medicalのデータ侵害、100万人に影響 😈CatBランサムウェアはMSDTCサービスを使っ… https://t.co/f99BLgPAps https://twitter.com/i/web/status/1635566077064413184 | MachinaRecord |
| 2023-03-14 01:21:08 | ゼロデイぽいな🤔 > "Fortinet report published last week revealed that CVE-2022-41328 exploits had been used to hack and tak… https://t.co/2VVMgGMO11 https://twitter.com/i/web/status/1635450143616147456 | ohhara_shiojiri |
| 2023-03-14 00:10:35 | Fortinetが観測したCVE-2022-41328を悪用した攻撃はかなり的を絞った攻撃だった。また攻撃者はFortiGateデバイスのOS(FortiOS)のさまざまな部分をリバースエンジニアリングするなど、「高度な能力」を示… https://t.co/fiss2J3bR6 https://twitter.com/i/web/status/1635432478860259329 | MachinaRecord |
| 2023-03-13 23:33:01 | 【FortiOSの新たな脆弱性、政府ネットワークへの攻撃のためにゼロデイとして悪用されていた:CVE-2022-41328】Fortinetは先週、同脆弱性が、ある顧客の複数のFortiGateデバイスのハッキング・テイクダウンの… https://t.co/gLTZcHuGxj https://twitter.com/i/web/status/1635421109146484740 | MachinaRecord |
| 2023-03-13 22:50:52 | Fortinet:新的FortiOS错误被用作零日攻击政府网络 Fortinet于2023年3月7日发布了安全更新,以解决这个允许威胁行为者执行未经授权的代码或命令的高度严重安全漏洞(CVE-2022-41328) https://t.co/luxo1713Uh https://www.bleepingcomputer.com/news/security/fortinet-new-fortios-bug-used-as-zero-day-to-attack-govt-networks/ | Herdwolfman |
| 2023-03-13 07:41:38 | 3月7日に修正されたFortinet製品の脆弱性15件の内の1つであるCVE-2022-41328が実際に悪用されてるぽいのに、海外メディア含めてどこも報道してないのは何事・・・? 影響範囲もかなり広いので要注意… https://t.co/6xoqcS7b20 https://twitter.com/i/web/status/1635183564320022528 | nekono_naha |
| 2023-03-12 15:30:38 | Fortinet published a CVSS Medium PSIRT Advisory (FG-IR-22-369 / CVE-2022-41328) on March 7th, 2023. The following w… https://t.co/WQsMTVJFC0 https://twitter.com/i/web/status/1634937303150780416 | miladmantashi |
| 2023-03-10 07:47:26 | 先日の公表では特に書かれてませんでしたが、CVE-2022-41328 は実際のインシデントで見つかったゼロデイの模様。 『The complexity of the exploit suggests an advanced a… https://t.co/sllUMk0HaC https://twitter.com/i/web/status/1634095680204709888 | autumn_good_35 |
| 2023-03-08 17:52:28 | 🟡 CVE-2022-41328 - CVSS v3 6.5/10 🟡 CVE-2022-41329 - CVSS v3 5.2/10 🟡 CVE-2022-41333 - CVSS v3 6.8/10 🔴 CVE-2023-25… https://t.co/QfNumLGw5s https://twitter.com/i/web/status/1633525166683611138 | Cronup_CyberSec |
| 2023-03-08 08:48:19 | Fortinet FortiOS の CLI の処理に任意のファイルを読み書きされる問題 (CVE-2022-41328) [45302] https://t.co/HOXjmkzGMe #SIDfm #脆弱性情報 https://sid.softek.jp/content/show/45302 | sidfm_jp |
| 2023-03-08 08:03:29 | New post from https://t.co/uXvPWJy6tj (CVE-2022-41328 | Fortinet FortiOS up to 6.4.11/7.0.9/7.2.3 CLI Command path… https://t.co/f3C0HjKpoM http://www.sesin.at https://twitter.com/i/web/status/1633373317707997184 | WolfgangSesin |
| 2023-03-08 08:02:34 | New post from https://t.co/9KYxtdZjkl (CVE-2022-41328 | Fortinet FortiOS up to 6.4.11/7.0.9/7.2.3 CLI Command path… https://t.co/TZhgWdJB7a http://www.sesin.at https://twitter.com/i/web/status/1633373319989690369 | www_sesin_at |
| 2023-03-07 21:26:23 | One night, CVE-2022-41328 wished upon a star, and today that wish has been granted. It now has a name, like a real,… https://t.co/09rukiXOe6 https://twitter.com/i/web/status/1633214754482425857 | vulnonym |
| 2023-03-07 20:00:48 | CVE-2022-41328 A improper limitation of a pathname to a restricted directory vul... https://t.co/vF3HcMQewU Cust… https://t.co/UzZ1F2FyVV http://vulmon.com/vulnerabilitydetails?qid=CVE-2022-41328 https://twitter.com/i/web/status/1633195683921690624 | VulmonFeeds |
| 2023-03-07 19:56:04 | New post from https://t.co/uXvPWJy6tj (CVE-2022-41328) has been published on https://t.co/7KY7Xpjjtk http://www.sesin.at https://www.sesin.at/2023/03/07/cve-2022-41328/ | WolfgangSesin |
| 2023-03-07 19:55:21 | New post from https://t.co/9KYxtdZjkl (CVE-2022-41328) has been published on https://t.co/HEPDmr5daJ http://www.sesin.at https://www.sesin.at/2023/03/07/cve-2022-41328/ | www_sesin_at |
| 2023-03-07 17:48:41 | 🚨 NEW: CVE-2022-41328 🚨 A improper limitation of a pathname to a restricted directory vulnerability ('path traversa… https://t.co/VWpiAXkDg7 https://twitter.com/i/web/status/1633157286716907521 | threatintelctr |
| 2023-03-07 17:37:01 | CVE-2022-41328 A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-… https://t.co/l06WhDdiu0 https://twitter.com/i/web/status/1633157864490684416 | eyeTSystems |
| 2023-03-07 17:29:16 | CVE-2022-41328 : A improper limitation of a pathname to a restricted directory vulnerability 'path traversal' [CW… https://t.co/BUb4nVDJCf https://twitter.com/i/web/status/1633151954485407760 | CVEreport |
| 2023-03-07 16:54:32 | CVE-2022-41328 A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-… https://t.co/KPirtKWijo https://twitter.com/i/web/status/1633146823337549825 | CVEnew |