Tag: fortinet
-
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
Tags: access, advisory, attack, authentication, cisa, cve, cyber, cybersecurity, exploit, flaw, fortinet, infrastructure, injection, kev, mitigation, threat, update, vpn, vulnerability, zero-dayExploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices. Key takeaways: CVE-2025-64155 is a critical operating system (OS) command injection vulnerability affecting Fortinet FortiSIEM. Fortinet vulnerabilities have historically been common targets for cyber attackers, with 23 Fortinet CVEs currently on the CISA KEV list. Public exploit code has…
-
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical flaws in FortiFone and FortiSIEM that could be exploited without authentication to leak configuration data or enable code execution. The first vulnerabilty, tracked as CVE-2025-64155 (CVSS score…
-
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical flaws in FortiFone and FortiSIEM that could be exploited without authentication to leak configuration data or enable code execution. The first vulnerabilty, tracked as CVE-2025-64155 (CVSS score…
-
Fortinet FortiSandbox SSRF Bug Proxies Internal Network Requests
Fortinet patched a FortiSandbox SSRF bug (CVE-2025-67685) that could proxy internal network requests. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fortinet-fortisandbox-ssrf-bug-proxies-internal-network-requests/
-
Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution
Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances.The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system.”An improper neutralization of special elements used in an OS command (‘OS…
-
MS-ISAC Flags High-Risk Security Flaws in Fortinet Products
A new cybersecurity advisory from the Multi-State Information Sharing and Analysis Center (MS-ISAC) is alerting organizations to multiple vulnerabilities affecting Fortinet products, some of which could allow attackers to execute arbitrary code on impacted systems. The advisory, identified as MS-ISAC Advisory 2026-003, was issued on January 13, 2026, and applies to a wide range of enterprise, government, and education-focused…
-
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical flaws in FortiFone and FortiSIEM that could be exploited without authentication to leak configuration data or enable code execution. The first vulnerabilty, tracked as CVE-2025-64155 (CVSS score…
-
FortiOS Vulnerability Allows Remote Code Execution Without Login
Fortinet warns a FortiOS flaw could allow unauthenticated remote code execution, making rapid patching critical. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fortios-vulnerability-allows-remote-code-execution-without-login/
-
No fire sale for firewalls as memory shortages could push prices higher
In SEC filings, Fortinet and Palo Alto show shrinking product margins taking hold. First seen on theregister.com Jump to article: www.theregister.com/2026/01/12/no_fire_sale_on_firewalls/
-
Fortinet Taps D&H To Drive SMB-Midmarket Cybersecurity Sales Growth
Here’s a look at why cybersecurity stalwart Fortinet is looking to D&H Distributing to help it grab a bigger share of the SMB-midmarket. First seen on crn.com Jump to article: www.crn.com/news/security/2026/fortinet-taps-d-h-to-drive-smb-midmarket-cybersecurity-sales-growth
-
Ten thousand firewalls are vulnerable to old vulnerability
This news brief originally appeared on ComputerSweden.More Fortinet security news:FortiGate firewall credentials being stolen after vulnerabilities discoveredFortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipmentFortinet admins urged to update software to close FortiCloud SSO holes First seen on csoonline.com Jump to article: www.csoonline.com/article/4112857/ten-thousand-firewalls-are-vulnerable-to-old-vulnerability.html
-
Thousands of firewalls at risk as legacy flaw in Fortinet faces renewed threat
The company in December warned of recent attacks targeting a 2020 vulnerability. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/thousands-of-firewalls-at-risk-as-legacy-flaw-in-fortinet-under-renewed-thr/808739/
-
Fünf Jahre alte Sicherheitslücke: Laufende Attacken gefährden 10.000 Firewalls
Eine seit Juli 2020 gepatchte Sicherheitslücke in FortiOS ist auf Tausenden von Firewalls noch immer ausnutzbar. Fortinet warnt vor laufenden Angriffen. First seen on golem.de Jump to article: www.golem.de/news/fuenf-jahre-alte-luecke-laufende-attacken-gefaehrden-10-000-fortinet-firewalls-2601-203785.html
-
Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass
Tags: 2fa, attack, authentication, data-breach, exploit, firewall, fortinet, Internet, mfa, vulnerabilityOver 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor authentication (2FA) bypass vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-10-000-fortinet-firewalls-exposed-to-ongoing-2fa-bypass-attacks/
-
Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks
Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable FortiGate firewalls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/
-
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
Fortinet on Wednesday said it observed “recent abuse” of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations.The vulnerability in question is CVE-2020-12812 (CVSS score: 5.2), an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to log in successfully without being prompted for the second…
-
25,000+ FortiCloud SSO-Enabled Systems Vulnerable to Remote Exploitation
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. The non-profit security organization recently added fingerprinting capabilities for these systems to its Device Identification reporting service, alerting network administrators to verify their security posture immediately. Mass…
-
25,000+ FortiCloud SSO-Enabled Systems Vulnerable to Remote Exploitation
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. The non-profit security organization recently added fingerprinting capabilities for these systems to its Device Identification reporting service, alerting network administrators to verify their security posture immediately. Mass…
-
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management
Large enterprises today find themselves stuck in the “messy middle” of digital transformation, managing legacy on-premise firewalls from Palo Alto, Check Point, and Fortinet while simultaneously governing fast-growing cloud environments…. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/4-pillars-of-network-risk-reduction-a-guide-to-network-security-risk-management/
-
Over 25,000 FortiCloud SSO devices exposed to remote attacks
Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-25-000-forticloud-sso-devices-exposed-to-remote-attacks/
-
Breach Roundup: Coupang Breach Sparks Leadership Shakeup
Also: Texas AG Sues Smart TV Manufacturers, Fortinet SSO Flaws. This week, a leadership shakeup at Coupang, attackers exploited critical Fortinet SSO flaws, Pornhub data hacked, Texas Attorney General Ken Paxton sued smart TV makers, auto finance provider 700Credit disclosed a breach affecting millions, A revived pro-Russia ransomware operation stumbled. First seen on govinfosecurity.com Jump…
-
TruffleNet and Cloud Abuse at Scale: An Identity Architecture Failure
The recent TruffleNet campaign, first documented by Fortinet, highlights a familiar and uncomfortable truth for security leaders: some of the most damaging cloud attacks aren’t exploiting zero-day vulnerabilities. They’re exploiting identity models that were never designed for the scale and automation of modern cloud environments. Nothing about this attack was novel. That’s precisely the problem….…
-
TruffleNet and Cloud Abuse at Scale: An Identity Architecture Failure
The recent TruffleNet campaign, first documented by Fortinet, highlights a familiar and uncomfortable truth for security leaders: some of the most damaging cloud attacks aren’t exploiting zero-day vulnerabilities. They’re exploiting identity models that were never designed for the scale and automation of modern cloud environments. Nothing about this attack was novel. That’s precisely the problem….…
-
Fortinet vulnerabilities prompt pre-holiday warnings
Analysts track exploitation of two vulnerabilities disclosed last week by Fortinet First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366636678/Fortinet-vulns-prompt-pre-holiday-warnings
-
Fortinet vulnerabilities prompt pre-holiday warnings
Analysts track exploitation of two vulnerabilities disclosed last week by Fortinet First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366636678/Fortinet-vulns-prompt-pre-holiday-warnings
-
Critical Fortinet Flaws Under Active Attack
Attackers targeted admin accounts, and once authenticated, exported device configurations including hashed credentials and other sensitive information. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/critical-fortinet-flaws-under-active-attack
-
CISA Adds Actively Exploited Fortinet Signature Verification Flaw to KEV Catalog
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, fortinet, infrastructure, kev, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-59718 to its Known Exploited Vulnerabilities (KEV) catalog, marking the latest Fortinet vulnerability being actively exploited in the wild. The flaw affects multiple Fortinet products and poses a significant threat to organisations relying on FortiCloud single sign-on (SSO) authentication. Vulnerability Details CVE-2025-59718 represents an improper…
-
FortiGate devices targeted with malicious SSO logins
Researchers discovered threat activity less than a week after Fortinet disclosed critical vulnerabilities in multiple products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fortigate-devices-targeted-with-malicious-sso-logins/808132/
-
Actively Exploited Fortinet Flaws Enable Security Appliance Takeover
Attackers are actively exploiting Fortinet flaws to bypass authentication and take over security appliances. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/actively-exploited-fortinet-flaws-enable-security-appliance-takeover/
-
Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)
Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/17/fortigate-vulnerability-cve-2025-59718-exploited/