FortiOS and FortiProxy are under active exploitation by The Gentlemen ransomware group (Microsoft MSTIC: Storm-2697), which uses CVE-2024-55591 to gain unauthenticated super-admin access to FortiGate management interfaces as an initial-access vector for worm-capable ransomware deployment. The EPSS score for this CVE cluster sits at the 99.9th percentile. Any internet-exposed FortiGate management interface running FortiOS 7.0.0–7.0.16 or FortiProxy 7.0.0–7.0.19 should be treated as a critical priority.
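
The version and exposure criteria above can be applied to an asset inventory as a triage pass. The following is an added example, not code from the original page or from Fortinet; the inventory fields (`host`, `product`, `version`, `mgmt_internet_exposed`), the status labels and the sample devices are assumptions constructed for illustration, and "out-of-range" means only that the version falls outside the ranges named here.

```python
import re

# Inclusive version ranges exactly as named in the text above.
RANGES = {
    "FortiOS": ((7, 0, 0), (7, 0, 16)),
    "FortiProxy": ((7, 0, 0), (7, 0, 19)),
}
VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")
ORDER = {"critical": 0, "unknown": 1, "in-range": 2, "out-of-range": 3}

def parse_version(text):
    """Extract (major, minor, patch) as ints, or None if no version is present."""
    m = VERSION_RE.search(text)
    return tuple(map(int, m.groups())) if m else None

def triage(asset):
    """Classify one inventory record (hypothetical schema) against RANGES."""
    bounds = RANGES.get(asset["product"])
    version = parse_version(asset["version"])
    if bounds is None or version is None:
        return "unknown"  # fail closed: unparseable records need a manual check
    low, high = bounds
    # Tuple comparison is numeric, so 7.0.9 sorts below 7.0.16;
    # comparing the raw strings would wrongly place it above.
    if not low <= version <= high:
        return "out-of-range"
    return "critical" if asset["mgmt_internet_exposed"] else "in-range"

def prioritise(inventory):
    """Return (status, host) pairs, most urgent first."""
    rows = [(triage(a), a["host"]) for a in inventory]
    return sorted(rows, key=lambda r: (ORDER[r[0]], r[1]))

# Constructed sample inventory (hostnames and build strings are made up).
INVENTORY = [
    {"host": "fw-edge-01", "product": "FortiOS", "mgmt_internet_exposed": True,
     "version": "FortiGate-100F v7.0.14,build0000 (constructed)"},
    {"host": "fw-core-02", "product": "FortiOS", "mgmt_internet_exposed": False,
     "version": "v7.0.9"},
    {"host": "fw-edge-03", "product": "FortiOS", "mgmt_internet_exposed": True,
     "version": "v7.0.17"},
    {"host": "proxy-01", "product": "FortiProxy", "mgmt_internet_exposed": True,
     "version": "7.0.19"},
    {"host": "proxy-02", "product": "FortiProxy", "mgmt_internet_exposed": True,
     "version": "7.0.20"},
    {"host": "fw-lab-04", "product": "FortiOS", "mgmt_internet_exposed": True,
     "version": "n/a"},
]

if __name__ == "__main__":
    for status, host in prioritise(INVENTORY):
        print(f"{status:13} {host}")
```

Records that come back `unknown` are listed directly after `critical` so that devices with missing version data are checked by hand rather than silently dropped.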