Fortinet News Articles

Recent news articles referencing the vendor's vulnerabilities.

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? - Help Net Security

CVE-2025-59718, an auth bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to have persisted.

6 days ago

Fortinet confirms critical FortiCloud auth bypass not fully patched

Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to fully address a critical FortiCloud SSO authentication bypass vulnerability that should have already been patched since early December.

6 days ago

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf.

1 week ago

Fortinet admins report patched FortiGate firewalls getting hacked

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls.

1 week ago

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.

2 weeks ago

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) - Help Net Security

A critical vulnerability (CVE-2025-64155) in FortiSIEM has now been accompanied by publicly released proof-of-concept (PoC) exploit code.

2 weeks ago

Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks

Attackers are now exploiting a critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code.

2 weeks ago

Fortinet FortiSIEM Vulnerability CVE-2025-64155: Critical Security Update

Discover critical Fortinet FortiSIEM vulnerability CVE-2025-64155. Learn how to update and protect your system from remote code execution attacks. Read now!

2 weeks ago

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remote, unauthenticated attacker to execute commands or code.

2 weeks ago

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via exposed phMonitor service.

2 weeks ago

FortiCloud SSO Exposure — 25,000 Devices Vulnerable and Cyber Attacks Active

Thousands of Fortinet systems are at risk as attackers exploit a critical authentication-bypass vulnerability in FortiCloud SSO.

Massive FortiCloud SSO Exposure Leaves 25,000+ Devices Vulnerable

The Shadowserver Foundation has identified over 25,000 internet-facing systems globally with Fortinet devices configured to use FortiCloud Single Sign-On (SSO).

Over 25,000 FortiCloud SSO devices exposed to remote attacks

Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability.

Two Fortinet vulnerabilities are being exploited in the wild – patch now

Arctic Wolf and Rapid7 have urged security teams to act immediately to mitigate two critical Fortinet vulnerabilities.

Fortinet FortiGate firewalls actively exploited after disclosure

Experts say teams must patch right away as time to exploit gets shorter and shorter.

Fortinet CVEs exploited in the wild - Australian Cyber Security Magazine

Security teams are being urged to act immediately following confirmation that two newly disclosed Fortinet vulnerabilities are being actively exploited in the wild, according to a critical emergent threat alert issued by Rapid7. The vulnerabilities, tracked as CVE-2025-59718 and CVE-2025-59719, carr...

Critical Fortinet Flaws Under Active Attack

Attackers are targeting admin accounts, and once authenticated, exporting device configurations including hashed credentials and other sensitive data.

Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718) - Help Net Security

Attackers are exploiting CVE-2025-59718 to bypass authentication on FortiGate firewalls to exfiltrate system configuration files.

CISA Adds Fortinet Vulnerability to KEV Catalog After Active Exploitation

CISA adds a Fortinet signature verification flaw affecting multiple products to its KEV catalog due to active exploitation in the wild.

CISA Adds Fortinet Signature Verification Vulnerability to KEV Catalog After Active Exploitation

The flaw affects multiple Fortinet products and poses a significant threat to organisations relying on FortiCloud single sign-on (SSO) authentication.

CISA Adds Actively Exploited Fortinet Signature Verification Flaw to KEV Catalog

CISA has officially added CVE-2025-59718 to its Known Exploited Vulnerabilities (KEV) catalog, marking the latest Fortinet vulnerability being actively exploited in the wild.

Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities

Zero-day vulnerabilities in Fortinet's FortiWeb web application firewall, chaining two security flaws to achieve unauthenticated RCE.

Metasploit Adds Exploit Module for Recently Disclosed FortiWeb 0-Day Vulnerabilities

The Metasploit Framework has introduced a new exploit module targeting critical vulnerabilities in Fortinet's FortiWeb Web Application Firewall (WAF).
