FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
bmali
Staff
Staff
Article Id 301610
FortiRecon provides outside-in coverage for risks toward customers.  External Attack Surface Management helps customers identify exposure to known and unknown enterprise assets and associated vulnerabilities across the enterprise. The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc. 
CVE ID    CVE-2024-1709
CVE Title    ConnectWise ScreenConnect Authentication Bypass 
NVD Severity Critical
FortiRecon Severity Critical
Exploited Yes
Exploited by Ransomware Group(s) Yes (LockBit)
Exploited by APT Group(s) No 
Included in CISA KEV List Yes
Available working exploit(s) 1
Available POC exploit(s) 2
Darknet Mention(s) None
Telegram Mention(s) Discussion on 1 Telegram channel
APT Iran
FortiRecon Intelligence Reporting(s) 2 (OSINT)
Social Media Mention(s) 7
EASM Scanner    No 

 

CVE ID CVE-2024-1708
CVE Title ConnectWise ScreenConnect path traversal vulnerability
NVD Severity HIGH
FortiRecon Severity Critical
Exploited Yes
Exploited by Ransomware Group(s) Yes (LockBit)
Exploited by APT Group(s) No
Included in CISA KEV List No
Available working exploit(s) 1
Available POC exploit(s) 1
Darknet Mention(s) 1 ()
Telegram Mention(s) 1 (مرکز تحقیقاتی APT IRAN)
FortiRecon Intelligence Reporting(s) 2 (HUMINT, OSINT)
Social Media Mention(s) 6

 

Contributors