The severity is CRITICAL because CyberStrikeAI can automate attacks against various security tools and protocols, putting such attacks within reach of low-skilled attackers. Real-world exploitability is high because the tool integrates multiple attack vectors.
The open-source AI security testing platform CyberStrikeAI has been used by threat actors to compromise Fortinet FortiGate firewalls, highlighting the risk of low-skilled attackers automating complex exploits with AI.
Affected Systems
- Fortinet FortiGate firewalls
Affected Versions: All versions of FortiGate devices that were targeted by the threat actor
Remediation
- Apply security patches and updates from Fortinet as soon as they are released for your specific FortiGate device.
- Configure network segmentation to isolate critical systems and limit potential attack paths.
- Monitor logs and implement intrusion detection systems (IDS) to detect unusual activities indicative of an AI-powered attack.
Stack Impact
The impact is on Fortinet's FortiOS and any services running on the compromised devices, including firewalls, VPN appliances, and other edge devices.