home.social

#fortios — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #fortios, aggregated by home.social.

  1. Si vous administrez des FortiGate/FortiOS : des admins signalent un contournement du patch de la vulnérabilité critique CVE-2025-59718 (FortiCloud SSO fortiguard.fortinet.com/psirt/ ) → compromission possible même sur des firewalls « patchés » (ex. 7.4.9/7.4.10).

    ( reddit.com/r/fortinet/comments )

    Préreq : “Allow administrative login using FortiCloud SSO” activé (souvent après enregistrement FortiCare).

    Mitigation : désactiver admin-forticloud-sso-login + restreindre l’accès admin + vérifier logs/nouveaux comptes.

    Chaîne d'exploitation: CVE-2025-59718 (+ CVE-2025-59719 côté FortiWeb) ➡️ envoi de messages SAML forgés ➡️ bypass de vérification de signature ➡️ accès admin non autorisé.

    [Références]
    "Fortinet admins report patched FortiGate firewalls getting hacked"
    👇
    bleepingcomputer.com/news/secu

    ( cyberveille.ch/posts/2026-01-2)

    💬
    ⬇️
    infosec.pub/post/40878137

    #CyberVeille #Fortinet #FortiGate #FortiOS #CVE_2025_59718

  2. A coordinated brute-force campaign has targeted Fortinet SSL VPNs, over 780 unique IPs launched credential attacks on August 3, followed by a change of target from FortiOS to FortiManager.

    Read: hackread.com/brute-force-campa

    #Cybersecurity #Fortinet #BruteForce #CyberAttack #FortiOS #FortiManager

  3. #BSI WID-SEC-2025-1026: [NEU] [hoch] #Fortinet #FortiOS, #FortiProxy #und #FortiSwitch: Schwachstelle ermöglicht Privilegieneskalation

    Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch ausnutzen, um seine Privilegien zu erhöhen.

    wid.cert-bund.de/portal/wid/se

  4. #BSI WID-SEC-2025-1026: [NEU] [hoch] #Fortinet #FortiOS, #FortiProxy #und #FortiSwitch: Schwachstelle ermöglicht Privilegieneskalation

    Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch ausnutzen, um seine Privilegien zu erhöhen.

    wid.cert-bund.de/portal/wid/se

  5. CISA added two Known Exploited Vulnerabilities (KEV) to its catalog that pose a risk to federal enterprise. The flaws were in Fortinet's FortiOS and FortiProxy.

    Read TechNadu's report: technadu.com/cisa-warns-of-git

    #CISA #Vulnerability #Fortinet #GitHub #FortiProxy #FortiOS

  6. CISA added two Known Exploited Vulnerabilities (KEV) to its catalog that pose a risk to federal enterprise. The flaws were in Fortinet's FortiOS and FortiProxy.

    Read TechNadu's report: technadu.com/cisa-warns-of-git

    #CISA #Vulnerability #Fortinet #GitHub #FortiProxy #FortiOS

  7. 🚨 A critical #FortiOS vulnerability (CVE-2024-40591) allows privilege escalation to super-admin level! Affected versions: 7.6.0, 7.4.x, 7.2.x, 7.0.x, and all 6.4. Update ASAP!

    Read: hackread.com/fortios-vulnerabi

    #CyberSecurity #Fortinet #InfoSec #Vulnerability

  8. В тренде VM: под угрозой продукты Microsoft и Fortinet, а также архиватор 7-Zip

    Хабр, привет! И вновь на связи я Александр Леонов, ведущий эксперт лаборатории PT Expert Security Center и дежурный по самым опасным уязвимостям месяца. Мы с командой аналитиков Positive Technologies каждый месяц исследуем информацию об уязвимостях из баз и бюллетеней безопасности вендоров, социальных сетей, блогов, телеграм-каналов, баз эксплойтов, публичных репозиториев кода и выявляем во всем этом многообразии сведений трендовые уязвимости. Это те уязвимости, которые либо уже эксплуатируются вживую, либо будут эксплуатироваться в ближайшее время. В новый дайджест мы отнесли к трендовым восемь уязвимостей.

    habr.com/ru/companies/pt/artic

    #трендовые_уязвимости #microsoft #ole #rce #websocket #nodejs #fortios #7zip #maxpatrol_vm #управление_уязвимостями

  9. В тренде VM: под угрозой продукты Microsoft и Fortinet, а также архиватор 7-Zip

    Хабр, привет! И вновь на связи я Александр Леонов, ведущий эксперт лаборатории PT Expert Security Center и дежурный по самым опасным уязвимостям месяца. Мы с командой аналитиков Positive Technologies каждый месяц исследуем информацию об уязвимостях из баз и бюллетеней безопасности вендоров, социальных сетей, блогов, телеграм-каналов, баз эксплойтов, публичных репозиториев кода и выявляем во всем этом многообразии сведений трендовые уязвимости. Это те уязвимости, которые либо уже эксплуатируются вживую, либо будут эксплуатироваться в ближайшее время. В новый дайджест мы отнесли к трендовым восемь уязвимостей.

    habr.com/ru/companies/pt/artic

    #трендовые_уязвимости #microsoft #ole #rce #websocket #nodejs #fortios #7zip #maxpatrol_vm #управление_уязвимостями

  10. В тренде VM: под угрозой продукты Microsoft и Fortinet, а также архиватор 7-Zip

    Хабр, привет! И вновь на связи я Александр Леонов, ведущий эксперт лаборатории PT Expert Security Center и дежурный по самым опасным уязвимостям месяца. Мы с командой аналитиков Positive Technologies каждый месяц исследуем информацию об уязвимостях из баз и бюллетеней безопасности вендоров, социальных сетей, блогов, телеграм-каналов, баз эксплойтов, публичных репозиториев кода и выявляем во всем этом многообразии сведений трендовые уязвимости. Это те уязвимости, которые либо уже эксплуатируются вживую, либо будут эксплуатироваться в ближайшее время. В новый дайджест мы отнесли к трендовым восемь уязвимостей.

    habr.com/ru/companies/pt/artic

    #трендовые_уязвимости #microsoft #ole #rce #websocket #nodejs #fortios #7zip #maxpatrol_vm #управление_уязвимостями

  11. #BSI WID-SEC-2025-0321: [NEU] [mittel] #Fortinet #FortiOS #und #FortiProxy: Schwachstelle ermöglicht Codeausführung

    Ein lokaler Angreifer kann eine Schwachstelle in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um beliebigen Programmcode auszuführen.

    wid.cert-bund.de/portal/wid/se

  12. #BSI WID-SEC-2025-0321: [NEU] [mittel] #Fortinet #FortiOS #und #FortiProxy: Schwachstelle ermöglicht Codeausführung

    Ein lokaler Angreifer kann eine Schwachstelle in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um beliebigen Programmcode auszuführen.

    wid.cert-bund.de/portal/wid/se

  13. #Fortinet have dropped 29 security updates today, 14 of which are rated "high" or "critical". Have fun everyone. (Fortunately, only one 'low' affects our stuff but FFS, come on)

    fortiguard.com/psirt

    #fortios #fortifail #fortigate

  14. Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

    • FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
    • FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
    • FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
    • FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
    • FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
    • FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
    • FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
    • FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
    • FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
    • FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
    • FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
    • FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
    • FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

    #PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy

  15. Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

    • FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
    • FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
    • FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
    • FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
    • FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
    • FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
    • FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
    • FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
    • FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
    • FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
    • FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
    • FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
    • FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

    #PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy

  16. Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

    • FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
    • FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
    • FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
    • FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
    • FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
    • FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
    • FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
    • FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
    • FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
    • FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
    • FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
    • FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
    • FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

    #PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy

  17. Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

    • FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
    • FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
    • FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
    • FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
    • FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
    • FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
    • FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
    • FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
    • FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
    • FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
    • FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
    • FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
    • FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

    #PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy

  18. Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

    • FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
    • FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
    • FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
    • FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
    • FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
    • FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
    • FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
    • FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
    • FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
    • FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
    • FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
    • FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
    • FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

    #PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy