Fortinet continues to combat ongoing SSO admin attacks

Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.
CSO Online

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even ...
SDxCentral

Fortinet firewalls face new threat, this time from authentication flaw

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes.
Bleeping Computer

Fortinet warns of new critical FortiManager flaw used in zero-day attacks

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP ...

Fortinet closes security vulnerabilities in FortiOS, FortiSIEM, and more

Fortinet released updates for FortiOS and other products on Wednesday night. They fix, in some cases critical, vulnerabilities.
CRN

‘Critical’ Fortinet FortiOS Vulnerability Seeing Exploitation: CISA

The cybersecurity agency confirmed that the remote code execution flaw, which impacts numerous versions of the Fortinet operating system, has been exploited in attacks. A “critical” vulnerability ...
Bleeping Computer

Hackers exploit newly patched Fortinet auth bypass flaws

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and steal system configuration files. The two vulnerabilities ...
TechRadar

Fortinet products hit by further security flaws - giving hackers access to systems and more

Two critical SAML‑signature flaws (CVE‑2025‑59718/59719) let attackers bypass SSO across multiple Fortinet products Exploitation began December 12, with intruders pulling config files that expose ...
TechJuice

Critical Fortinet Flaws Put Core Security Systems at Risk, CERT Warns

A set of newly disclosed critical vulnerabilities in Fortinet products is raising serious cybersecurity concerns, with national CERT ...