#fortios — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #fortios, aggregated by home.social.
-
FortiBleed: The ongoing Fortinet / FortiGate compromise campaign
Fortinet edge devices are being targeted in a large-scale compromise campaign involving exposed management interfaces, FortiCloud SSO abuse, credential theft, brute forcing, config exports, and suspicious admin account creation.
This should be treated as a compromise-assessment event, not just a normal patch cycle.
Admins should patch FortiOS, review all local admin accounts, rotate credentials and shared secrets, check for config exports, enforce MFA, and restrict management access to trusted IPs or VPN-only access.
Full details:
https://forum.hashpwn.net/post/14105#fortinet #fortigate #fortibleed #fortios #forticloud #cybersecurity #vpn #hashpwn
-
Bitte schnell die betroffenen Systeme aktualisieren und sich einen neuen Hersteller des Vertrauens suchen... z.B. #CheckPoint 🫳 🎤
#Fortinet #FortiCloud #FortiOS #FortiManager #FortiWeb #FortiProxy #FortiAnalyzer #Sicherheitsluecke #EUVD_2026_4712 #CVE_2026_24858
-
Si vous administrez des FortiGate/FortiOS : des admins signalent un contournement du patch de la vulnérabilité critique CVE-2025-59718 (FortiCloud SSO https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ) → compromission possible même sur des firewalls « patchés » (ex. 7.4.9/7.4.10).
( https://www.reddit.com/r/fortinet/comments/1qibdcb/possible_new_sso_exploit_cve202559718_on_749/ )
Préreq : “Allow administrative login using FortiCloud SSO” activé (souvent après enregistrement FortiCare).
Mitigation : désactiver admin-forticloud-sso-login + restreindre l’accès admin + vérifier logs/nouveaux comptes.
Chaîne d'exploitation: CVE-2025-59718 (+ CVE-2025-59719 côté FortiWeb) ➡️ envoi de messages SAML forgés ➡️ bypass de vérification de signature ➡️ accès admin non autorisé.
[Références]
"Fortinet admins report patched FortiGate firewalls getting hacked"
👇
https://www.bleepingcomputer.com/news/security/fortinet-admins-report-patched-fortigate-firewalls-getting-hacked/ -
A coordinated brute-force campaign has targeted Fortinet SSL VPNs, over 780 unique IPs launched credential attacks on August 3, followed by a change of target from FortiOS to FortiManager.
Read: https://hackread.com/brute-force-campaign-fortinet-ssl-vpn-coordinated-attack/
#Cybersecurity #Fortinet #BruteForce #CyberAttack #FortiOS #FortiManager
-
A coordinated brute-force campaign has targeted Fortinet SSL VPNs, over 780 unique IPs launched credential attacks on August 3, followed by a change of target from FortiOS to FortiManager.
Read: https://hackread.com/brute-force-campaign-fortinet-ssl-vpn-coordinated-attack/
#Cybersecurity #Fortinet #BruteForce #CyberAttack #FortiOS #FortiManager
-
Critical vulnerability allows attackers to bypass authentication on Fortinet devices. Is your network infrastructure at risk? Discover which versions are vulnerable and how to protect your systems immediately.
#SecurityLand #CyberWatch #CyberSecurity #Fortinet #Vulnerability #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit – Source: www.securityweek.com https://ciso2ciso.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #vulnerabilities #securityweekcom #CVE-2022-42475 #CVE-2023-27997 #CVE-2024-21762 #securityweek #ThreatMon #FEATURED #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit – Source: www.securityweek.com https://ciso2ciso.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #vulnerabilities #securityweekcom #CVE-2022-42475 #CVE-2023-27997 #CVE-2024-21762 #securityweek #ThreatMon #FEATURED #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit – Source: www.securityweek.com https://ciso2ciso.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #vulnerabilities #securityweekcom #CVE-2022-42475 #CVE-2023-27997 #CVE-2024-21762 #securityweek #ThreatMon #FEATURED #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit – Source: www.securityweek.com https://ciso2ciso.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #vulnerabilities #securityweekcom #CVE-2022-42475 #CVE-2023-27997 #CVE-2024-21762 #securityweek #ThreatMon #FEATURED #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/ #Malware&Threats #Vulnerabilities #CVE202242475 #CVE202327997 #CVE202421762 #ThreatMon #Fortinet #FortiOS
-
Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns – Source: securityaffairs.com https://ciso2ciso.com/symbolic-link-trick-lets-attackers-bypass-fortigate-patches-fortinet-warns-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Fortinet #FortiOS #hacking
-
Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns – Source: securityaffairs.com https://ciso2ciso.com/symbolic-link-trick-lets-attackers-bypass-fortigate-patches-fortinet-warns-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Fortinet #FortiOS #hacking
-
Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices https://www.helpnetsecurity.com/2025/04/11/fortios-fortigate-vulnerabilities-symlink-trick-limited-access/ #vulnerability #Don'tmiss #Hotstuff #Fortinet #FortiOS #News #BSI
-
Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices https://www.helpnetsecurity.com/2025/04/11/fortios-fortigate-vulnerabilities-symlink-trick-limited-access/ #vulnerability #Don'tmiss #Hotstuff #Fortinet #FortiOS #News #BSI
-
FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now! – Source:hackread.com https://ciso2ciso.com/fortios-vulnerability-allows-super-admin-privilege-escalation-patch-now-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #Hackread #security #FortiOS
-
FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now! – Source:hackread.com https://ciso2ciso.com/fortios-vulnerability-allows-super-admin-privilege-escalation-patch-now-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #Hackread #security #FortiOS
-
FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now! https://hackread.com/fortios-vulnerability-super-admin-privilege-escalation/ #Cybersecurity #Vulnerability #Security #FortiOS
-
FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now! https://hackread.com/fortios-vulnerability-super-admin-privilege-escalation/ #Cybersecurity #Vulnerability #Security #FortiOS
-
🚨 A critical #FortiOS vulnerability (CVE-2024-40591) allows privilege escalation to super-admin level! Affected versions: 7.6.0, 7.4.x, 7.2.x, 7.0.x, and all 6.4. Update ASAP!
Read: https://hackread.com/fortios-vulnerability-super-admin-privilege-escalation/
-
🚨 A critical #FortiOS vulnerability (CVE-2024-40591) allows privilege escalation to super-admin level! Affected versions: 7.6.0, 7.4.x, 7.2.x, 7.0.x, and all 6.4. Update ASAP!
Read: https://hackread.com/fortios-vulnerability-super-admin-privilege-escalation/
-
В тренде VM: под угрозой продукты Microsoft и Fortinet, а также архиватор 7-Zip
Хабр, привет! И вновь на связи я Александр Леонов, ведущий эксперт лаборатории PT Expert Security Center и дежурный по самым опасным уязвимостям месяца. Мы с командой аналитиков Positive Technologies каждый месяц исследуем информацию об уязвимостях из баз и бюллетеней безопасности вендоров, социальных сетей, блогов, телеграм-каналов, баз эксплойтов, публичных репозиториев кода и выявляем во всем этом многообразии сведений трендовые уязвимости. Это те уязвимости, которые либо уже эксплуатируются вживую, либо будут эксплуатироваться в ближайшее время. В новый дайджест мы отнесли к трендовым восемь уязвимостей.
https://habr.com/ru/companies/pt/articles/881550/
#трендовые_уязвимости #microsoft #ole #rce #websocket #nodejs #fortios #7zip #maxpatrol_vm #управление_уязвимостями
-
#fortiguard #psirt #fortios #security https://fortiguard.fortinet.com/psirt/FG-IR-24-535 lol :clippy: :cate: :KEKW:
-
#fortiguard #psirt #fortios #security https://fortiguard.fortinet.com/psirt/FG-IR-24-535 lol :clippy: :cate: :KEKW:
-
"Explotación masiva" de los firewalls de Fortinet con ataques de día cero 0-day https://blog.elhacker.net/2025/01/explotacion-masiva-firewalls-fortinet-ataques-0-day.html #vulnerabilidad #firewall #fortinet #fortios #0-day #cve
-
"Explotación masiva" de los firewalls de Fortinet con ataques de día cero 0-day https://blog.elhacker.net/2025/01/explotacion-masiva-firewalls-fortinet-ataques-0-day.html #vulnerabilidad #firewall #fortinet #fortios #0-day #cve
-
#Fortinet have dropped 29 security updates today, 14 of which are rated "high" or "critical". Have fun everyone. (Fortunately, only one 'low' affects our stuff but FFS, come on)
-
#Fortinet have dropped 29 security updates today, 14 of which are rated "high" or "critical". Have fun everyone. (Fortunately, only one 'low' affects our stuff but FFS, come on)
-
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) https://www.helpnetsecurity.com/2024/10/15/cve-2024-23113/ #vulnerability #Shadowserver #enterprise #Don'tmiss #WatchTowr #Hotstuff #Fortinet #FortiOS #News #CVE
-
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) https://www.helpnetsecurity.com/2024/10/15/cve-2024-23113/ #vulnerability #Shadowserver #enterprise #Don'tmiss #WatchTowr #Hotstuff #Fortinet #FortiOS #News #CVE
-
Weekly Vulnerability Report: Critical Security Flaws Identified by Cyble in GitHub, FortiOS, and PHP https://thecyberexpress.com/weekly-vulnerability-report-security-flaws/ #criticalvulnerabilities #ThreatIntelligenceNews #TheCyberExpressNews #CybersecurityNews #VulnerabilityNews #PHPvulnerability #Vulnerabilities #TheCyberExpress #FirewallDaily #FortiOS #GitHub
-
Weekly Vulnerability Report: Critical Security Flaws Identified by Cyble in GitHub, FortiOS, and PHP https://thecyberexpress.com/weekly-vulnerability-report-security-flaws/ #criticalvulnerabilities #ThreatIntelligenceNews #TheCyberExpressNews #CybersecurityNews #VulnerabilityNews #PHPvulnerability #Vulnerabilities #TheCyberExpress #FirewallDaily #FortiOS #GitHub
-
Fortinet fixed a critical remote code execution bug in FortiClientLinux – Source: securityaffairs.com https://ciso2ciso.com/fortinet-fixed-a-critical-remote-code-execution-bug-in-forticlientlinux-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Fortinet #Security #FortiOS #hacking
-
Fortinet fixed a critical remote code execution bug in FortiClientLinux – Source: securityaffairs.com https://ciso2ciso.com/fortinet-fixed-a-critical-remote-code-execution-bug-in-forticlientlinux-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Fortinet #Security #FortiOS #hacking
-
Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:
- FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
- FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
- FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
- FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
- FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
- FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
- FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
- FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
- FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
- FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
- FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
- FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
- FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)
#PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy
-
Fortinet SSL VPN Exploit Up for Sale on Dark Web https://thecyberexpress.com/cve-2024-21762-exploit-sale/ #CVE202421762ExploitSale #remotecodeexecution #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202421762 #FortiProxy #FortiOS #SSLVPN
-
Die kritische #Schwachstelle CVE-2024-21762 in #Fortinet #FortiOS / #FortiProxy wird aktiv ausgenutzt.
CERT-Bund meldet IP-Adressen verwundbarer Geräte in Deutschland seit mehreren Wochen täglich an die zuständigen Netzbetreiber/Provider.
Aktuell sind es noch immer ca. 2.200 IPs.
https://twitter.com/Shadowserver/status/1769684116994183171 -
@heisec Och Leute. Ja, es gibt neue Advisories, aber weder gab es einen "#Patchday" noch wurde da was "zum März" geschlossen. Die Lücken sind seit über einem Monat zu. Ja, deren "Sicherheitsprodukte" sind an vielen Stellen zweifelhaft, aber wer seine Firewall nen Monat lang nicht aktualisiert, hat andere Probleme. Wenn schon so ein Clickbait, dann klärt es wenigstens im Artikel deutlich auf.