Tag: Fortinet

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: FortiOS CLI command bypass vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: FortiOS CLI command bypass vulnerability

Fortinet has disclosed a high-severity vulnerability in FortiOS, identified as CVE-2025-58325, which has a CVSS score of 7.8. This flaw could allow local authenticated attackers to execute arbitrary system commands. The vulnerability stems from improper input validation in the FortiOS...

/ October 20, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: FortiWeb critical SQL injection vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: FortiWeb critical SQL injection vulnerability

A high-severity SQL injection vulnerability, CVE-2025-25257, in Fortinet FortiWeb enables pre-authenticated remote code execution (RCE). It has a  a CVSS score of 9.8. Review the details in this Cybersecurity Threat Advisory to keep your environment safe. What is the threat?...

/ July 17, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fortinet authentication bypass vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Fortinet authentication bypass vulnerability

A critical vulnerability was identified in Fortinet’s FortiProxy, FortiSwitchManager, and FortiOS products. This vulnerability, CVE-2025-22252, enables an attacker who possess knowledge of an existing administrative account to bypass authentication and gain unauthorized access to the device as a valid administrator....

/ June 4, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Fortinet admin password change flaw
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Fortinet admin password change flaw

Fortinet has recently addressed a critical vulnerability in its FortiSwitch products, identified as CVE-2024-48887, with a CVSS score of 9.3. This “unverified password change” flaw allows remote, unauthenticated attackers to modify administrator passwords through specially crafted requests to the FortiSwitch...

/ April 16, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fortinet zero-day vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Fortinet zero-day vulnerability

A critical zero-day vulnerability has been found affecting Fortinet FortiOS and FortiProxy devices. This vulnerability enables attackers to bypass authentication and gain privileges. Keep reading this Cybersecurity Threat Advisory for information to keep your environment safe. What is the threat?...

/ January 15, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: FortiManager API vulnerability exploited
FeaturedSecurity

Cybersecurity Threat Advisory: FortiManager API vulnerability exploited

Fortinet has publicly disclosed a vulnerability in the FortiManager API. The vulnerability, tracked as CVE-2024-47575 and dubbed ‘FortiJump,’ has been exploited as a zero-day since at least June 2024. Organizations using vulnerable FortiManager versions should review this Cybersecurity Threat Advisory...

/ October 25, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fortinet FortiClientEMS critical vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Fortinet FortiClientEMS critical vulnerability

Fortinet has released security updates for an unauthorized code execution vulnerability impacting their FortiClientEMS (Endpoint Management Server) product. The vulnerability, CVE-2023-48788, is related to a flaw that allows unauthenticated malicious actors to execute code or commands onto the server via...

/ March 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Fortinet vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Fortinet vulnerability

A critical vulnerability is affecting many Fortinet devices. Approximately 150,000 Fortinet OS and FortiProxy Secure Web Gateway systems are believed to be exposed to this flaw. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate the potential...

/ March 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerability in FortiOS
FeaturedSecurity

Cybersecurity Threat Advisory: Critical vulnerability in FortiOS

Fortinet has disclosed a critical vulnerability affecting FortiOS, the operating system that runs on Fortigate SSL VPNs. The vulnerability known as CVE-2024-21762, received a CVSS score of 9.6. Please review the following recommendations in this Cybersecurity Threat Advisory to mitigate...

/ February 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Patches for critical vulnerabilities
FeaturedSecurity

Cybersecurity Threat Advisory: Patches for critical vulnerabilities

Security patches were recently released from various vendors including Cisco, Fortinet, and VMware. Read this Cybersecurity Threat Advisory as it shares the impact of each of the vulnerabilities and how to mitigate the risks they pose. What is the threat?...

/ February 9, 2024
1 2