home.social

#fortios — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #fortios, aggregated by home.social.

  1. FortiBleed: The ongoing Fortinet / FortiGate compromise campaign

    Fortinet edge devices are being targeted in a large-scale compromise campaign involving exposed management interfaces, FortiCloud SSO abuse, credential theft, brute forcing, config exports, and suspicious admin account creation.

    This should be treated as a compromise-assessment event, not just a normal patch cycle.

    Admins should patch FortiOS, review all local admin accounts, rotate credentials and shared secrets, check for config exports, enforce MFA, and restrict management access to trusted IPs or VPN-only access.

    Full details:
    forum.hashpwn.net/post/14105

    #fortinet #fortigate #fortibleed #fortios #forticloud #cybersecurity #vpn #hashpwn

  2. Si vous administrez des FortiGate/FortiOS : des admins signalent un contournement du patch de la vulnérabilité critique CVE-2025-59718 (FortiCloud SSO fortiguard.fortinet.com/psirt/ ) → compromission possible même sur des firewalls « patchés » (ex. 7.4.9/7.4.10).

    ( reddit.com/r/fortinet/comments )

    Préreq : “Allow administrative login using FortiCloud SSO” activé (souvent après enregistrement FortiCare).

    Mitigation : désactiver admin-forticloud-sso-login + restreindre l’accès admin + vérifier logs/nouveaux comptes.

    Chaîne d'exploitation: CVE-2025-59718 (+ CVE-2025-59719 côté FortiWeb) ➡️ envoi de messages SAML forgés ➡️ bypass de vérification de signature ➡️ accès admin non autorisé.

    [Références]
    "Fortinet admins report patched FortiGate firewalls getting hacked"
    👇
    bleepingcomputer.com/news/secu

    ( cyberveille.ch/posts/2026-01-2)

    💬
    ⬇️
    infosec.pub/post/40878137

    #CyberVeille #Fortinet #FortiGate #FortiOS #CVE_2025_59718

  3. A coordinated brute-force campaign has targeted Fortinet SSL VPNs, over 780 unique IPs launched credential attacks on August 3, followed by a change of target from FortiOS to FortiManager.

    Read: hackread.com/brute-force-campa

    #Cybersecurity #Fortinet #BruteForce #CyberAttack #FortiOS #FortiManager

  4. A coordinated brute-force campaign has targeted Fortinet SSL VPNs, over 780 unique IPs launched credential attacks on August 3, followed by a change of target from FortiOS to FortiManager.

    Read: hackread.com/brute-force-campa

    #Cybersecurity #Fortinet #BruteForce #CyberAttack #FortiOS #FortiManager

  5. Critical vulnerability allows attackers to bypass authentication on Fortinet devices. Is your network infrastructure at risk? Discover which versions are vulnerable and how to protect your systems immediately.

    #SecurityLand #CyberWatch #CyberSecurity #Fortinet #Vulnerability #FortiOS

    Read More: security.land/critical-fortine

  6. 🚨 A critical #FortiOS vulnerability (CVE-2024-40591) allows privilege escalation to super-admin level! Affected versions: 7.6.0, 7.4.x, 7.2.x, 7.0.x, and all 6.4. Update ASAP!

    Read: hackread.com/fortios-vulnerabi

    #CyberSecurity #Fortinet #InfoSec #Vulnerability

  7. 🚨 A critical #FortiOS vulnerability (CVE-2024-40591) allows privilege escalation to super-admin level! Affected versions: 7.6.0, 7.4.x, 7.2.x, 7.0.x, and all 6.4. Update ASAP!

    Read: hackread.com/fortios-vulnerabi

    #CyberSecurity #Fortinet #InfoSec #Vulnerability

  8. В тренде VM: под угрозой продукты Microsoft и Fortinet, а также архиватор 7-Zip

    Хабр, привет! И вновь на связи я Александр Леонов, ведущий эксперт лаборатории PT Expert Security Center и дежурный по самым опасным уязвимостям месяца. Мы с командой аналитиков Positive Technologies каждый месяц исследуем информацию об уязвимостях из баз и бюллетеней безопасности вендоров, социальных сетей, блогов, телеграм-каналов, баз эксплойтов, публичных репозиториев кода и выявляем во всем этом многообразии сведений трендовые уязвимости. Это те уязвимости, которые либо уже эксплуатируются вживую, либо будут эксплуатироваться в ближайшее время. В новый дайджест мы отнесли к трендовым восемь уязвимостей.

    habr.com/ru/companies/pt/artic

    #трендовые_уязвимости #microsoft #ole #rce #websocket #nodejs #fortios #7zip #maxpatrol_vm #управление_уязвимостями

  9. #Fortinet have dropped 29 security updates today, 14 of which are rated "high" or "critical". Have fun everyone. (Fortunately, only one 'low' affects our stuff but FFS, come on)

    fortiguard.com/psirt

    #fortios #fortifail #fortigate

  10. #Fortinet have dropped 29 security updates today, 14 of which are rated "high" or "critical". Have fun everyone. (Fortunately, only one 'low' affects our stuff but FFS, come on)

    fortiguard.com/psirt

    #fortios #fortifail #fortigate

  11. Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

    • FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
    • FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
    • FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
    • FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
    • FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
    • FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
    • FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
    • FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
    • FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
    • FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
    • FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
    • FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
    • FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

    #PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy

  12. Die kritische #Schwachstelle CVE-2024-21762 in #Fortinet #FortiOS / #FortiProxy wird aktiv ausgenutzt.
    CERT-Bund meldet IP-Adressen verwundbarer Geräte in Deutschland seit mehreren Wochen täglich an die zuständigen Netzbetreiber/Provider.
    Aktuell sind es noch immer ca. 2.200 IPs.
    twitter.com/Shadowserver/statu

  13. @heisec Och Leute. Ja, es gibt neue Advisories, aber weder gab es einen "#Patchday" noch wurde da was "zum März" geschlossen. Die Lücken sind seit über einem Monat zu. Ja, deren "Sicherheitsprodukte" sind an vielen Stellen zweifelhaft, aber wer seine Firewall nen Monat lang nicht aktualisiert, hat andere Probleme. Wenn schon so ein Clickbait, dann klärt es wenigstens im Artikel deutlich auf.

    #FortiNet #FortiOS

    social.heise.de/@heisec/112088