The Federal Bureau of Investigation (FBI) warned of an Advanced Persistent Threat (APT) that is compromising the clustering of FatPipe routers and load balancer products in order to breach target networks.

FatPipe is a Salt Lake City computer network hardware company specializing in WAN optimization solutions, with many Fortune 1000 companies on its customer list.

Companies from all major industrial sectors use FatPipe products, including government, military, local government, utilities, educational, and financial and medical institutions.

“As of November 2021, the FBI’s forensic analysis showed the exploitation of a 0-day vulnerability in the FatPipe MPVPN device software that goes back to at least May 2021,” said the FBI in a Lightning alarm issued this week.

“The vulnerability allowed APT actors to gain access to an unrestricted file upload facility to delete a webshell for exploitation activities with root access, resulting in elevated privileges and potential …

Source link

Leave a Reply