BrazenBamboo Weaponizes FortiClient Vulnerability to Steal Credentials (Campaign)

[email protected] (Wiz Threat Research) 2024-11-15T00:00:00+00:00 View Original

Full Report

A zero-day vulnerability in Fortinet's Windows VPN client, FortiClient, was discovered by Volexity, allowing user credentials to remain in process memory after authentication. This vulnerability was exploited by BrazenBamboo, a Chinese state-affiliated threat actor, using a pl...

Analysis Summary