Tag

Fortinet

All articles tagged with #fortinet

cyber-security-news1 month ago•54 min saved

Active Fortinet SQL Flaw Targets FortiClient EMS, CISA Warns

CISA added CVE-2026-21643, a critical unauthenticated SQL injection in Fortinet FortiClient EMS, to the Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. The flaw enables remote code execution without authentication, risking full database compromise on affected FortiClient EMS deployments. Fortinet has released patches; federal agencies must patch by April 16, 2026, and private-sector admins are urged to patch within three days, monitor for unusual HTTP requests targeting EMS, and take the server offline if patching isn’t possible.

via CyberSecurityNews|

#cisa-kev #cve-2026-21643 #cyber-security-news

security1 month ago•1 min saved

CISA Adds Six Actively Exploited Vulnerabilities to KEV Across Fortinet, Microsoft, and Adobe

CISA added six vulnerabilities to its Known Exploited Vulnerabilities catalog due to active exploitation: CVE-2026-21643 (Fortinet FortiClient EMS SQL injection), CVE-2020-9715 (Adobe Acrobat Reader use-after-free), CVE-2023-36424 (Windows CLFS out-of-bounds read), CVE-2023-21529 (Exchange Server deserialization leading to remote code execution), CVE-2025-60710 (Windows Task Scheduler local privilege escalation), and CVE-2012-1854 (VBA insecure library loading enabling remote code execution). Defused Cyber reported exploitation of CVE-21643 since March 24, 2026; Storm-1175 has weaponized CVE-2023-21529 to deliver Medusa ransomware; CVE-2012-1854 had targeted-attack activity in 2012. No public exploitation yet for the other three. FCEB agencies must patch by April 27, 2026, with FortiClient EMS fixes due by April 16, 2026.

via The Hacker News|

#cisa #cybersecurity #fortinet

security4 months ago•2 min saved

Fortinet patches critical FortiSIEM flaw enabling unauthenticated remote code execution

Fortinet released patches for FortiSIEM to fix CVE-2025-64155, an unauthenticated OS command injection that could let an attacker execute code via crafted requests to the phMonitor service on port 7900, potentially enabling a reverse shell and root-level control. The flaw affects multiple FortiSIEM versions; users should upgrade to fixed releases or restrict access to port 7900 as a workaround. The advisory also patches a separate FortiFone vulnerability (CVE-2025-47855).

via The Hacker News|

#cve-2025-64155 #fortinet #fortisiem

cybersecurity4 months ago•52 min saved

Critical FortiOS/FortiSwitchManager flaw enables remote code execution

Fortinet disclosed a critical heap-based buffer overflow vulnerability in the cw_acd daemon affecting FortiOS and FortiSwitchManager that allows remote, unauthenticated attackers to execute arbitrary code by sending specially crafted requests. Fortinet has issued advisories and patches across multiple FortiOS branches, FortiSASE, and FortiSwitchManager, and urges immediate upgrades to mitigate risk of full-system compromise (no CVE assigned yet). In the meantime, mitigations include disabling fabric access on interfaces and blocking CAPWAP-CONTROL traffic (UDP ports 5246–5249) via local-in policies, along with monitoring cw_acd activity and segmenting management interfaces.

via Cyber Security News|

#cwe-122 #cybersecurity #fortinet

security5 months ago•3 min saved

Fortinet SSL VPN and FortiGate vulnerabilities under active attack

Fortinet has issued a warning about active exploitation of a five-year-old vulnerability in FortiOS SSL VPN (CVE-2020-12812) that allows attackers to bypass two-factor authentication under certain configurations, especially involving LDAP integration and case-sensitive username matching. Organizations are advised to update their systems or disable username sensitivity to mitigate the risk, and to contact support if they suspect exploitation.

via The Hacker News|

#2fa-bypass #cve-2020-12812 #fortinet

finance9 months ago•3 min saved

Top Stock Movers to Watch Today: Eli Lilly, Fortinet, Airbnb, and More

Stocks declined following Trump's tariffs and higher-than-expected jobless claims, with notable movements including Eli Lilly dropping 14% after weight-loss pill data, Fortinet falling 25% despite strong earnings, and Sunrun soaring 32% on robust earnings. Other significant changes involved AppLovin, Airbnb, Peloton, Vistra, DraftKings, Duolingo, Lyft, and Zillow, reflecting mixed earnings results and outlooks amid economic uncertainties.

via Barron's|

#airbnb #eli-lilly #finance

cybersecurity1 year ago•2 min saved

Winos4.0 Malware Targets Windows Gamers via Game Apps

Cybercriminals are exploiting gaming applications to distribute Winos4.0, a malicious software framework that allows full control over infected Windows machines. This malware, derived from Gh0strat, is similar to Cobalt Strike and Sliver, and is used in campaigns like Silver Fox, linked to Chinese state actors. The attack involves multiple stages, starting with a gaming-related lure and progressing through DLL injections and C2 communications, ultimately establishing a persistent backdoor for data theft and system control. Fortinet advises downloading software only from trusted sources to avoid such threats.

via The Register|

#cyberattack #cybersecurity #fortinet

cybersecurity2 years ago•1 min saved

"Fortinet Addresses Critical Vulnerabilities Across FortiClientLinux and Other Products"

Fortinet has released critical security patches to address a vulnerability in FortiClientLinux that could allow arbitrary code execution. The vulnerability, tracked as CVE-2023-45590, affects specific versions of FortiClientLinux and is attributed to an "Improper Control of Generation of Code" flaw. Additionally, Fortinet's April 2024 security patches also resolve issues with FortiClientMac installer and FortiOS/FortiProxy, emphasizing the importance of keeping systems up-to-date to mitigate potential threats.

via The Hacker News|

#code-execution #cybersecurity #fortinet

cybersecurity2 years ago•0 min saved

"Fortinet's Latest Security Updates and Vulnerability Patches"

Fortinet has released security updates for multiple products, as announced by the Cybersecurity and Infrastructure Security Agency (CISA). The updates aim to address vulnerabilities and enhance the security of the affected products, emphasizing the importance of promptly applying these updates to mitigate potential risks.

via CISA|

#cisa #cyber-defense #cybersecurity

cybersecurity2 years ago•1 min saved

"Fortinet FortiOS Bug CVE-2024-21762 Affects 150,000 Internet-Facing Devices"

A critical vulnerability, CVE-2024-21762, in Fortinet FortiOS SSL VPN could potentially impact 150,000 exposed devices, with the majority located in the United States. The vulnerability, which allows for remote code execution, has been actively exploited in attacks in the wild. Fortinet has recommended disabling SSL VPN as a workaround and has provided a list of impacted versions and available solutions. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, and researchers continue to monitor the situation.

via Security Affairs|

#cve-2024-21762 #cyberattack #cybersecurity

cybersecurity2 years ago•1 min saved

"Fortinet Flaw Exposes 150,000 Devices to Critical Vulnerability"

Approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows code execution without authentication. The vulnerability is actively being exploited by attackers, with over 24,000 vulnerable devices in the United States alone. Companies are advised to check their SSL VPN systems for vulnerability and take necessary mitigation steps to protect their networks.

via BleepingComputer|

#cve-2024-21762 #cybersecurity #exploitation

cybersecurity2 years ago•2 min saved

"Fortinet's Ongoing Battle: Exploited RCE Flaws and Urgent Patching"

CISA confirms active exploitation of a critical remote code execution (RCE) bug (CVE-2024-21762) in Fortinet's FortiOS operating system, urging immediate patching or SSL VPN disabling to mitigate risks. Fortinet's confusing disclosure process regarding other RCE vulnerabilities (CVE-2024-23108 and CVE-2024-23109) in FortiSIEM was clarified, emphasizing the need to secure all Fortinet devices due to the high likelihood of exploitation by malicious actors for cyber espionage and ransomware attacks.

via BleepingComputer|

#cisa #cve-2024-21762 #cybersecurity

technology2 years ago•5 min saved

"Fortinet's Critical Flaws: Urgent Patching Needed Amid Ongoing Exploitation"

Fortinet faced a tumultuous week with the disclosure of critical security vulnerabilities in its FortiOS, including an SSL VPN flaw that allows for remote code execution. The company also faced backlash for a confusing double bug disclosure and a disputed claim about toothbrushes being used in a DDoS attack. Fortinet's delayed and conflicting responses to these issues have drawn criticism, while security researchers urge users to patch vulnerable VPNs and upgrade to fixed releases.

via The Register|

#cybersecurity #disclosure #fortinet

technologysecurity2 years ago•2 min saved

"Fortinet Issues Urgent Warning on Active Exploitation of Critical SSL VPN Flaws"

Fortinet has disclosed a critical security flaw in FortiOS SSL VPN, likely being actively exploited, allowing for the execution of arbitrary code and commands. The vulnerability impacts multiple versions of FortiOS, and patches have been issued for other CVEs affecting FortiSIEM supervisor. Recent reports reveal Chinese state-sponsored actors exploiting known flaws in Fortinet devices, underscoring the growing threat faced by internet-facing edge devices lacking endpoint detection and response support.

via The Hacker News|

#cybersecurity #exploitation #fortinet

cyber-threat-network-security2 years ago•3 min saved

"Critical Security Patches Address Flaws in Cisco Unified Communications and Networking Products"

Cisco, Fortinet, and VMware have released critical security patches to address multiple vulnerabilities in their products, including CSRF attacks on Cisco Expressway Series, bypasses for a critical flaw in FortiSIEM supervisor, and moderate-to-important severity flaws in VMware Aria Operations for Networks. Organizations are urged to apply the patches promptly to mitigate the risks associated with these vulnerabilities.

via The Hacker News|

#cisco #cyber-threat-network-security #fortinet