Fortinet warns that a recently addressed FortiOS vulnerability has been exploited by a sophisticated threat actor in highly targeted attacks against governmental and government-related entities. Patched last week, the bug is tracked as CVE-2022-41328 and is described as a medium-severity path traversal issue leading to command execution. When it announced the availability of fixes, Fortinet failed to mention that this was actually a zero-day vulnerability.[1] “An improper limitation of a path