SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
Bleeping Computer

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf. The campaign ...
CSOonline

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.
SDxCentral

Fortinet faces second authentication flaw in a fortnight

Fortinet systems are under threat due to another authentication-based flaw, with security experts warning edge devices are now a vulnerable attack surface for networks. A single sign-on (SSO) ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.
International Business Times

FortiCloud SSO Exposure — 25,000 Devices Vulnerable and Cyber Attacks Active

A critical security flaw in FortiCloud SSO has left over 25,000 Fortinet devices vulnerable to hijack attempts. A critical security gap in FortiCloud's Single Sign-On (SSO) system has left more than ...