Vulnerabilities fixed in Fortinet FortiSandbox, FortiAuthenticator and FortiClient

Fortinet has fixed vulnerabilities in FortiSandbox versions 4.4.8 and 5.0.5, FortiAuthenticator versions 6.3 to 6.6.6 and FortiClient versions 7.0, 7.2 and 7.4. The vulnerability in FortiSandbox involves Cross-site Scripting, which allows unauthenticated attackers to execute arbitrary commands vi...

Vulnerability fixed in FortiOS

Fortinet has fixed a vulnerability in FortiOS multiple versions. The vulnerability is in the way FortiOS handles memory allocation. Authenticated users can exploit this vulnerability by sending specially crafted requests, which can lead to the execution of unauthorized code. This can have serious...

PT-2025-32870

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 6.4.0 through 6.4.15 and versions prior to 6.2.16 Fortinet FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and versions prior to 7.0.15 Fortinet FortiPAM versions prior to 1.2.0 Description: An...

Fortinet Releases Security Updates for Multiple Products

Fortinet released security updates to address vulnerabilities in multiple products, including OS and FortiProxy. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and...

Vulnerabilities fixed in Fortinet FortiClient

Fortinet has fixed vulnerabilities in FortiClient. A local malicious party can exploit the vulnerabilities to gain elevated permissions, bypass security measures and via DDL hijacking or by deleting arbitrary files to alter the operation of the system on which FortiClient is installed. manipulate...

Vulnerabilities fixed in Fortinet FortiNAC

Fortinet has fixed vulnerabilities in FortiNAC. A unauthenticated malicious person could exploit the vulnerabilities to execute arbitrary code or manipulate files on the FortiNAC system. This requires malicious network traffic must be sent to TCP port 1050 or 5555. Fortinet has released updates t...

Vulnerability fixed in Fortinet products

Vulnerabilities have been fixed in several products from Fortinet. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure Remote code execution...

Vulnerabilities fixed in Fortinet FortiWeb

Several vulnerabilities have been fixed in Fortinet FortiWeb. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Remote code execution User...