Government Entities Attacked by Threat Actor Using Recent Fortinet Exploit

As always, companies should patch as soon as their vulnerability management process allows. This is also a reminder that the true criticality of a CVE depends on multiple factors: depending on an organization’s specific environment, threat model, and attack surface, the vulnerability may be more relevant or dangerous than the assigned CVSS score suggests. For detection, companies may be able to compare netflow data against a baseline of normal netflow to identify abnormal activity. Additionally, a robust change control procedure enables detection of unexpected and unauthorized changes to firmware and system-critical files, because it provides an accurate record of when authorized changes occurred to compare against.
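The change-control comparison described above, as an added example that is not part of the original article: observed changes to firmware and system-critical files are checked against recorded approval windows, and anything outside them is flagged. The host names, file paths, ticket ids, and the ten-minute grace period are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed change-control records: (asset, window start, window end, ticket).
AUTHORIZED_CHANGES = [
    ("fw-edge-01", "2023-03-02T01:00", "2023-03-02T03:00", "CHG-EXAMPLE-1"),
    ("fw-edge-02", "2023-03-05T22:00", "2023-03-06T00:00", "CHG-EXAMPLE-2"),
]

# Constructed integrity-monitoring observations: (asset, path, time change was seen).
# Paths are placeholders, not real device paths.
OBSERVED_CHANGES = [
    ("fw-edge-01", "firmware/image.bin", "2023-03-02T01:40"),
    ("fw-edge-01", "system/critical.conf", "2023-03-09T14:12"),
    ("fw-edge-02", "firmware/image.bin", "2023-03-06T00:04"),
    ("fw-edge-03", "firmware/image.bin", "2023-03-07T03:30"),
]


def unauthorized_changes(observed, authorized, grace_minutes=10):
    """Return observed changes that fall outside every approved window."""
    grace = timedelta(minutes=grace_minutes)  # tolerate small clock skew / overrun
    windows = {}
    for asset, start, end, ticket in authorized:
        windows.setdefault(asset, []).append(
            (datetime.fromisoformat(start), datetime.fromisoformat(end), ticket)
        )
    findings = []
    for asset, path, seen in observed:
        when = datetime.fromisoformat(seen)
        asset_windows = windows.get(asset, [])
        covered = any(s - grace <= when <= e + grace for s, e, _ in asset_windows)
        if not covered:
            # Distinguish "asset never had an approved change" from "wrong time".
            reason = ("outside approved window" if asset_windows
                      else "no change record for asset")
            findings.append((asset, path, seen, reason))
    return findings


if __name__ == "__main__":
    for finding in unauthorized_changes(OBSERVED_CHANGES, AUTHORIZED_CHANGES):
        print("REVIEW:", *finding)
```

The check is only as good as the change record: a change made without a ticket and a malicious modification look identical here, which is why the record has to be accurate.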

https://thehackernews.com/2023/03/fortinet-fortios-flaw-exploited-in.html