Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...
SecurityWeek

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins

Threat actors are exploiting two recent critical Fortinet vulnerabilities to bypass SSO login authentication on FortiGate ...
Bleeping Computer

Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks

Fortinet has confirmed that it has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now "massively exploited in the wild." The flaw was silently ...
Dark Reading

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild. Because the vulnerability is capable of remote code execution in a pre-authentication state ...
CSOonline

Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...
SecurityWeek

Fortinet Patches Critical Authentication Bypass Vulnerabilities

Fortinet patched two critical flaws in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager leading to authentication bypass ...
CSOonline

Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment

Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that ...
Dark Reading

Zero-Day Flaw Found in Fortinet's FortiWeb WAF Technology

Researchers at Rapid7 today disclosed a critical zero-day vulnerability in Fortinet's FortiWeb Web application firewall (WAF) technology that attackers can exploit to gain complete control of affected ...
CRN

Fortinet: ’Critical’ FortiWeb Vulnerability Exploited In Attacks

The cybersecurity vendor confirmed Friday that the flaw has been ‘exploited in the wild on FortiWeb.’ Fortinet confirmed Friday that a critical-severity vulnerability affecting its web application ...