Despite security updates being installed, cyber criminals have managed to gain permanent access to FortiGate devices. The attackers exploit known vulnerabilities that have long since been closed – but they go one better: they leave behind a so-called backdoor through which they retain access even after the patch.