Fortinet News Articles
Recent news articles refferecing the vendors vulnerabilities.
Fortinet warns of new zero-day exploited to hijack firewalls
Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks.
10 hours ago
Fortinet discloses second firewall auth bypass patched in January
Fortinet warned today that attackers are exploiting another now-patched zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks.
10 hours ago
Hackers Allegedly Selling Fortinet Vulnerability Exploit on Dark Web Forums
A significant cybersecurity threat has emerged as hackers on a prominent Russian dark web forum claim to be selling an active exploit targeting Fortinet devices.The exploit reportedly leverages a critical vulnerability, CVE-2024-55591, which affects FortiOS versions 7.0.0 through 7.0.16.
2 weeks ago
Fortinet Zero-Day Gives Attackers Super-Admin Privileges
The firewall specialist has patched the security flaw, which was responsible for a series of attacks reported earlier this month that compromised FortiOS and FortiProxy products exposed to the public Internet.
2 weeks ago
Last Week in Security (LWiS) - 2025-01-27
0-click deanonymization (@hackermondev), Subaru hacks (@samwcyo + @infosec_au), 🍪 sandwitch (@d4d89704243), Entra Connect attacks (@hotnops), Kerberos relaying via HTTP (@croco_byte), and more!
2 weeks ago
FortiOS Authentication Bypass Vulnerability Exploited to Gain Super-Admin Access
A critical zero-day vulnerability in Fortinet's FortiOS and FortiProxy products tracked as CVE-2024-55591, has been actively exploited in the wild, allowing attackers to gain super-admin privileges.
2 weeks ago
Get FortiRekt, I Am The Super_Admin Now - Fortinet FortiOS Authentication Bypass CVE-2024-55591
Welcome to Monday, and what an excitingly fresh start to the week we're all having. Grab your coffee, grab your vodka - we're diving into a currently exploited-in-the-wild critical Authentication Bypass affecting foRtinet's (we are returning the misspelling gesture 🥰) flagship SSLVPN appliance, th...
2 weeks ago
48,000+ internet-facing Fortinet firewalls still open to attack - Help Net Security
Too many Fortinet firewalls vulnerable to attack via CVE-2024-55591 are still accessible from the Internet.
3 weeks ago
50,000 Fortinet Firewalls Remain Vulnerable to Critical Zero-Day Exploit
As of January 22, 2025, nearly 50,000 Fortinet firewall devices remain exposed to a critical zero-day vulnerability (CVE-2024-55591) despite urgent warnings and available patches. The flaw, which has been actively exploited since November 2024, allows attackers to bypass authentication and gain supe...
3 weeks ago
50K Fortinet firewalls still vulnerable to latest zero-day
Fortinet customers need to get with the program and apply the latest updates as nearly 50,000 management interfaces are still vulnerable to the latest zero-day exploit. Data from the Shadowserver Foundation...
3 weeks ago
Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using
4 weeks ago
Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
The security provider published mitigation measures to prevent exploitation
1 month ago
Fortinet zero-day allows hackers to access corporate networks
Fortinet warns of a critical zero-day vulnerability in their firewalls that is being actively exploited to invade corporate networks.
1 month ago
Fortinet Confirms New Zero-Day Exploitation
Fortinet patches critical vulnerabilities, including a zero-day that has been exploited in the wild since at least November 2024.
1 month ago
Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591) - Help Net Security
Fortinet has patched a FortiOS authentication bypass vulnerability (CVE-2024-55591) that has been exploited as a zero-day by attackers.
1 month ago
Attackers exploiting critical Fortinet zero-day vulnerability | Te...
Fortinet received reports of exploitation regarding a zero-day vulnerability affecting its firewalls and SSL VPN products.
1 month ago
Fortinet warns of auth bypass zero-day exploited to hijack firewalls
Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks.
1 month ago
Fortinet urges immediate action: Critical RCE flaw exposes systems
Fortinet has addressed critical vulnerabilities in its Wireless LAN Manager (FortiWLM) that could lead to unauthenticated remote code execution (RCE) and
2 months ago
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
Fortinet EMS flaw (CVE-2023-48788, CVSS 9.3) exploited globally, dropping remote access tools and stealing credentials.
2 months ago
Fortinet Addresses Unpatched Critical RCE Vector
Fortinet has patched CVE-2023-34990 and CVE-2023-48782 in its Wireless LAN Manager (FortiWLM), which combined allow for unauthenticated remote code execution (RCE) and the ability to read all log files.
2 months ago
Fortinet warns of FortiWLM bug giving hackers admin privileges
Fortinet has disclosed a critical vulnerability in Fortinet Wireless Manager (FortiWLM) that allows remote attackers to take over devices by executing unauthorized code or commands through specially crafted web requests.
2 months ago
Hackers Exploiting FortiClient EMS Vulnerability (CVE-2023-48788) in the Wild
Cybersecurity researchers have uncovered active exploitation of a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS), tracked as CVE-2023-48788.
2 months ago
Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM
Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure.
2 months ago
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Fortinet patches critical flaws in FortiWLM and FortiManager. CVE-2023-34990 risks sensitive data, while CVE-2024-48889 enables command injection.
2 months ago
Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code Remotely
Fortinet, a leading cybersecurity solutions provider, has issued urgent advisories regarding two critical vulnerabilities affecting its FortiWLM and FortiManager products.
2 months ago
Fortinet patches FortiClientLinux critical RCE vulnerability
The vulnerability is due to a “dangerous nodejs configuration” and has a CVSS score of 9.4.
2 months ago
FortiClient EMS exploited: Inside the attack chain and post-exploitation tactics | Darktrace Blog
Soon after CVE-2023-48788 was publicly disclosed in late March 2024, Darktrace began to see compromises in FortiClient EMS devices on customer networks. Read on to find out more about what our Threat Research team uncovered.
2 months ago
Fortinet Edge Devices Under Attack - Again
Hackers may have circumvented a months-old patch for Fortinet gateway devices leading to a warning from the U.S. federal government over its active exploitation.
3 months ago
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella
LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with significant updates to their strategy, tactics, and arsenals.
3 months ago
Post Exploitation Activities on Fortinet Devices: A Network-Based Analysis | Darktrace Blog
This blog explores recent findings from Darktrace's Threat Research team on active exploitation campaigns targeting Fortinet appliances. This analysis focuses on the September 2024 exploitation of FortiManager via CVE-2024-47575, alongside related malicious activity observed in June 2024.
3 months ago
Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575
It’s been a tricky time for Fortinet (and their customers) lately - arguably, even more so than usual. Adding to the steady flow of vulnerabilities in appliances recently was a nasty CVSS 9.8 vulnerability in FortiManager, their tool for central management of FortiGate appliances. As always, the op...
3 months ago
FortiManager May Still Be Vulnerable Despite FortiJump Patch
The FortiJump vulnerability in Fortinet FortiManager may not have been completely fixed by last month's patch. Users are urged to apply mitigations.
3 months ago
1 Million Vulnerable Fortinet, SonicWall Devices Exposed
1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet, and WordPress and IoT devices face cyberattacks.
3 months ago
UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575)
Fortinet and Mandiant investigate the mass exploitation of FortiManager devices via CVE-2024-47575, impacting 50+ systems across industries.
4 months ago
FortiManager Devices Mass Compromise Exploiting CVE-2024-47575 Vulnerability
Shadowserver has issued a critical warning about the widespread exploitation of Fortinet FortiManager devices using the recently disclosed CVE-2024-47575 vulnerability.
4 months ago
Critical Bug Exploited in Fortinet's Management Console
An attacker compromised one of Fortinet's most sensitive products and mopped up all kinds of reconnaissance data helpful for future mass device attacks.
4 months ago
High-severity FortiManager bug being exploited by hackers
The bug carries a critical severity score of 9.8 and could allow hackers to steal troves of sensitive information that would facilitate further access.
4 months ago
FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024
The "FortiJump" flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant.
4 months ago
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) - Help Net Security
Fortinet has publicly released information about CVE-2024-47575, a FortiManager flaw under active exploitation.
4 months ago
Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation
Discover critical details on Fortinet's FortiManager vulnerability (CVE-2024-47575) and essential mitigation strategies.
4 months ago
Fortinet confirms zero day exploitation of CVE-2024-47575
Fortinet confirms zero day exploitation: Pre-auth RCE now allocated CVE-2024-47575. What's going on with Fortinet product security again?
4 months ago
Fortinet discloses critical zero-day flaw in FortiManager | TechTarget
Fortinet confirmed reports of a critical zero-day vulnerability in FortiManager, which CISA added to its Known Exploited Vulnerabilities catalog.
4 months ago
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices.
4 months ago
Fortinet releases patches for undisclosed critical FortiManager vulnerability - Help Net Security
Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited.
4 months ago
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) - Help Net Security
CISA added CVE-2024-23113 - a vulnerability that allows unauthenticated RCE on unpatched Fortinet FortiGate firewalls - to its KEV catalog.
4 months ago
Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024
Today we'd like to share a recent journey into (yet another) SSLVPN appliance vulnerability - a Format String vulnerability, unusually, in Fortinet's FortiGate devices. It affected (before patching) all currently-maintained branches, and recently was highlighted by CISA as being exploited-in-the-wi...
4 months ago
CISA Added Fortinet & Ivanti vulnerabilities that Exploited in the Wild
CISA has recently updated its Known Exploited Vulnerabilities Catalog, adding critical vulnerabilities from Fortinet and Ivanti.
4 months ago
CISA Warns of Fortinet RCE Vulnerability Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a remote code execution (RCE) vulnerability in Fortinet products, identified as CVE-2024-23113.
4 months ago
Organizations Warned of Exploited Fortinet FortiOS Vulnerability
CISA has added a FortinetFortiOS vulnerability tracked as CVE-2024-23113 to its Known Exploited Vulnerabilities (KEV) catalog.
4 months ago