-
Mandiant says new Fortinet flaw has been exploited since June
A new Fortinet FortiManager flaw dubbed "FortiJump" and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 servers, according to a new report by Mandiant.
- October 24, 2024
- 01:05 AM
0
-
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices.
- October 23, 2024
- 11:05 AM
1
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
CISA says critical Fortinet RCE flaw now exploited in attacks
Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild.
- October 09, 2024
- 06:07 PM
- 0
-
Fortinet confirms data breach after hacker claims to steal 440GB of files
Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server.
- September 12, 2024
- 02:01 PM
- 7
-
Sponsored Content
Is your cybersecurity vendor transparent about vulnerability fixes?
Transparent disclosure empowers consumers with the information they need to to safeguard their assets effectively. Learn more from Fortinet about choosing a vendor that is transparent with their bug fixes.
- June 24, 2024
- 10:02 AM
- 0
-
Chinese hackers breached 20,000 FortiGate systems worldwide
The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is "much larger than previously known."
- June 11, 2024
- 12:22 PM
- 3
-
Exploit released for maximum severity Fortinet RCE bug, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in February.
- May 28, 2024
- 12:16 PM
- 0
-
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
- March 21, 2024
- 11:17 AM
- 0
-
Fortinet warns of critical RCE bug in endpoint management software
Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers.
- March 13, 2024
- 02:48 PM
- 0
-
Critical Fortinet flaw may impact 150,000 exposed devices
Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.
- March 08, 2024
- 03:37 PM
- 3
-
New Fortinet RCE bug is actively exploited, CISA confirms
CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday.
- February 09, 2024
- 04:02 PM
- 3
-
New Fortinet RCE flaw in SSL VPN likely exploited in attacks
Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.
- February 08, 2024
- 06:11 PM
- 1
-
Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure
Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution.
- February 07, 2024
- 07:55 PM
- 0
-
Chinese hackers infect Dutch military network with malware
A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.
- February 06, 2024
- 01:49 PM
- 0
-
Fortinet warns of critical command injection bug in FortiSIEM
Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests.
- November 16, 2023
- 10:20 AM
- 0
-
Iranian hackers breach US aviation org via ManageEngine, Fortinet bugs
State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho ManageEngine and Fortinet vulnerabilities, a joint advisory published by CISA, the FBI, and the United States Cyber Command (USCYBERCOM) revealed on Thursday.
- September 07, 2023
- 05:32 PM
- 0
-
Fortinet warns of critical RCE flaw in FortiOS, FortiProxy devices
Fortinet has disclosed a critical severity flaw impacting FortiOS and FortiProxy, allowing a remote attacker to perform arbitrary code execution on vulnerable devices.
- July 12, 2023
- 10:40 AM
- 0
-
300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug
Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after Fortinet released an update that addresses the problem.
- July 03, 2023
- 07:54 AM
- 1
-
Fortinet fixes critical FortiNAC remote command execution flaw
Cybersecurity solutions company Fortinet has updated its zero-trust access solution FortiNAC to address a critical-severity vulnerability that attackers could leverage to execute code and commands.
- June 23, 2023
- 08:42 AM
- 0
-
Fortinet: New FortiOS RCE bug "may have been exploited" in attacks
Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting government, manufacturing, and critical infrastructure organizations.
- June 12, 2023
- 05:53 PM
- 0
