Fortinet continues to combat ongoing SSO admin attacks

Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.
CSO Online

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.
SDxCentral

Fortinet firewalls face new threat, this time from authentication flaw

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes.
SDxCentral

Thousands of Fortinet firewalls face critical authentication flaw

Security researchers claimed more than 10,000 Fortinet firewalls are at risk from a legacy vulnerability affecting FortiGate SSL VPN. The vulnerability allows users to log in without being prompted ...
CRN

‘Critical’ Fortinet FortiOS Vulnerability Seeing Exploitation: CISA

The cybersecurity agency confirmed that the remote code execution flaw, which impacts numerous versions of the Fortinet operating system, has been exploited in attacks. A “critical” vulnerability ...
TechJuice

Critical Fortinet Flaws Put Core Security Systems at Risk, CERT Warns

A set of newly disclosed critical vulnerabilities in Fortinet products is raising serious cybersecurity concerns, with national CERT ...