The Hacker News

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.
CRN

Fortinet Confirms Exploitation Of ‘Critical’ Vulnerability In FortiOS, FortiProxy

The confirmation comes after Arctic Wolf researchers said that ‘mass exploitation’ of the vulnerability—which impacts FortiGate firewalls—is ‘likely.’ Fortinet confirmed Tuesday that a ...
Infosecurity-magazine.com

Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls

Fortinet has disclosed a new critical zero-day vulnerability affecting some of its FortiGate firewalls. In a security advisory published on January 14, FortiGuard Labs revealed a new authentication ...
Bleeping Computer

Fortinet: New FortiOS RCE bug "may have been exploited" in attacks

Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting government, manufacturing, and critical infrastructure organizations.
ITWire

Fortinet firewalls hit with new zero-day attack, older data leak

Rapid7 is investigating two separate events affecting Fortinet firewall customers: Zero-day exploitation of CVE-2024-55591, an authentication bypass vulnerability in FortiOS and FortiProxy disclosed ...
Bleeping Computer

Fortinet warns of auth bypass zero-day exploited to hijack firewalls

Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. This security flaw (tracked as ...