pfSense firewalls managed by third-party MSPs served as the initial entry point in the VerdantBamboo campaign, enabling a China-linked espionage group to pivot into multiple downstream victim environments. No specific CVE is assigned to pfSense in the source intelligence; the vector was trusted relationship abuse through the MSP’s administrative access rather than a software vulnerability. Any pfSense deployment where MSP credentials can reach the admin interface or SSH represents an unmonitored initial access surface.