Articles tagged "Fortinet"

Found 43 articles

A serious SQL injection vulnerability, tracked as CVE-2026-21643, has been discovered in Fortinet's FortiClient Endpoint Management Server (EMS), which manages FortiClient endpoint agents across multiple platforms. This vulnerability is currently being actively exploited, as reported by Defused Cyber, a firm that specializes in threat intelligence. Although it has not yet been listed on CISA’s Known Exploited Vulnerabilities (KEV) list, the ongoing attacks pose significant risks to organizations using FortiClient EMS. Companies should take immediate action to assess their systems and implement necessary security measures to safeguard against potential breaches. The situation emphasizes the need for vigilance in monitoring and securing endpoint management solutions.

Read Original

A serious vulnerability in Fortinet's FortiClient EMS platform, identified as CVE-2026-21643, is currently being exploited by attackers. This flaw, which has a CVSS score of 9.1, allows for remote code execution through SQL injection. Researchers from Defused have reported active exploitation of this vulnerability, posing significant risks to organizations using FortiClient EMS. Companies are urged to take immediate action to protect their systems, as the potential for unauthorized access and control could lead to severe consequences. It is essential for affected users to stay informed and apply any available patches promptly to mitigate the risks associated with this flaw.

Read Original
Actively Exploited

A serious vulnerability in Fortinet's FortiClient EMS platform is currently being exploited by attackers, according to the threat intelligence firm Defused. This flaw poses significant risks to organizations using the affected software, as it allows unauthorized access and potential control over their systems. Companies that rely on FortiClient EMS for endpoint management and security should urgently assess their systems to mitigate the risk. The ongoing exploitation of this vulnerability underscores the need for timely updates and security patches to protect sensitive data and maintain system integrity. Users are advised to follow best practices for cybersecurity and monitor for any unusual activities.

Read Original

Fortinet's FortiGuard Labs has released its 2026 Global Threat Landscape Report, revealing significant trends in cybersecurity threats. The report indicates a rise in sophisticated attacks targeting both enterprise and personal systems, particularly through ransomware and phishing schemes. These attacks are increasingly leveraging artificial intelligence to bypass traditional security measures. Companies across various sectors, including finance and healthcare, are particularly vulnerable, as attackers exploit their reliance on digital infrastructure. The findings stress the urgent need for organizations to enhance their security protocols and invest in advanced threat detection technologies to protect sensitive data and maintain operational integrity.

Read Original
Actively Exploited

Recent reports indicate that attackers are exploiting vulnerabilities in Fortinet's FortiGate Next-Generation Firewall appliances. These devices have been misconfigured, making them targets for network infiltration, particularly affecting healthcare and government organizations, as well as managed service providers. The exploitation could lead to unauthorized access to sensitive data and systems, raising serious security concerns. As these attacks are part of a broader campaign, organizations using FortiGate devices need to take immediate action to secure their networks. This incident serves as a reminder of the importance of proper configuration and timely updates for security appliances.

Read Original

Fortinet has released patches for several high-severity vulnerabilities that could allow attackers to execute commands and bypass authentication without needing to log in. These vulnerabilities pose a significant risk as they can be exploited remotely, potentially allowing unauthorized access to sensitive systems. Organizations using Fortinet products should prioritize applying these updates to protect their networks from potential attacks. The vulnerabilities impact a range of Fortinet's security products, and users are urged to ensure their systems are up to date. Ignoring these patches could leave systems vulnerable to exploitation by malicious actors.

Read Original

Last week, Microsoft addressed a serious vulnerability in its Office software, which was being actively exploited by attackers. This zero-day flaw could allow unauthorized access to user systems, putting sensitive information at risk. Users of Microsoft Office should ensure they install the latest updates to protect themselves from potential attacks. Additionally, Fortinet released patches for a flaw in its FortiCloud single sign-on (SSO) service, which could have allowed unauthorized access to user accounts. Organizations using FortiCloud should prioritize applying these updates to safeguard their systems from exploitation.

Read Original

Fortinet has confirmed a new zero-day vulnerability that is allowing attackers to exploit single sign-on (SSO) authentication for malicious logins. In response to the ongoing attacks, the company has temporarily disabled FortiCloud SSO authentication across all devices to mitigate the risk. This means that users relying on this feature for secure access may face disruptions while Fortinet works on a solution. The situation is particularly concerning as it puts sensitive information at risk and could lead to unauthorized access to critical systems. Companies using Fortinet products should monitor the situation closely and be prepared to implement any updates once they are released.

Read Original

Fortinet has issued patches for a serious vulnerability in its FortiOS software, identified as CVE-2026-24858, which has been actively exploited by attackers. This flaw allows unauthorized users to bypass Single Sign-On (SSO) authentication, posing a significant risk to organizations using affected systems. The vulnerability has a high CVSS score of 9.4, indicating its severity. It impacts several products, including FortiOS, FortiManager, and FortiAnalyzer. Companies utilizing these systems should prioritize applying the available patches to protect against potential breaches.

Read Original

Fortinet has addressed a significant vulnerability tracked as CVE-2026-24858, which could allow attackers to bypass authentication and gain unauthorized access to devices linked to other FortiCloud accounts. This flaw presents a serious risk, as it enables malicious actors to potentially control devices that should be secure. Users and organizations utilizing FortiCloud services are particularly affected, as their account security could be compromised. Fortinet's swift action to patch this vulnerability is crucial to prevent exploitation and protect users' sensitive data. Companies using Fortinet products should ensure they apply the latest updates to mitigate this risk effectively.

Read Original

Arctic Wolf has reported a surge in automated attacks targeting Fortinet FortiGate devices, which has been ongoing since January 15, 2026. These attacks involve unauthorized changes to firewall configurations, with attackers creating generic accounts to maintain access, enabling VPN capabilities, and exfiltrating sensitive firewall data. This activity mirrors similar attacks identified in December 2025. Organizations using FortiGate firewalls should be vigilant, as these breaches can compromise network security and expose critical information. The situation emphasizes the need for enhanced security measures and monitoring to detect such unauthorized activities.

Read Original

This week, several significant cybersecurity incidents have emerged, showcasing the vulnerabilities within various systems. Notably, flaws in Fortinet products have come to light, potentially exposing users to exploitation. Additionally, researchers have identified the RedLine Clipjack malware, which can hijack browser sessions, affecting users who may not realize their data is being compromised. The discovery of a method to crack NTLM authentication raises concerns for organizations relying on this protocol, as it could lead to unauthorized access. Furthermore, a new attack targeting AI tools like Copilot illustrates how these advancements can be manipulated, posing risks to users and their data. These incidents emphasize the need for robust security measures as technology continues to evolve rapidly.

Read Original

A serious vulnerability, identified as CVE-2025-64155, has been discovered in Fortinet’s FortiSIEM security platform, allowing unauthenticated remote attackers to execute unauthorized code. This flaw specifically affects the phMonitor service, which is crucial for the operation of FortiSIEM. The release of proof-of-concept (PoC) exploit code has heightened concerns, urging organizations using this software to apply patches immediately. If not addressed, this vulnerability could lead to significant security risks, as attackers could manipulate the system remotely. Organizations should prioritize patching their FortiSIEM deployments to safeguard against potential exploitation.

Read Original

A serious vulnerability has been discovered in Fortinet's Security Information and Event Management (SIEM) solution, FortiSIEM, which allows remote, unauthenticated attackers to execute arbitrary commands. This flaw, classified as a command injection vulnerability, poses a significant risk as it can be exploited without needing any prior access. Researchers have released technical details and exploit code, raising concerns about the potential for widespread attacks. Companies using FortiSIEM should take immediate action to secure their systems, as the implications of this vulnerability could lead to unauthorized access and data breaches. It's crucial for users to stay informed and apply any necessary patches or updates as they become available.

Read Original

Fortinet has addressed six security flaws, two of which are critical vulnerabilities affecting its FortiFone and FortiSIEM products. These vulnerabilities could potentially allow attackers to exploit the systems without needing any authentication, which raises significant security concerns. Specifically, the flaws could lead to unauthorized access to configuration data or enable the execution of malicious code. Users of these products should prioritize applying the patches provided by Fortinet to safeguard their systems. Given the nature of these vulnerabilities, organizations using FortiFone and FortiSIEM need to act quickly to mitigate any potential risks.

Read Original
PreviousPage 2 of 3Next