Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2025/12/16 10:58 a.m.13 views

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure. Cybersecurity company Arctic Wolf said it observed active intrusions involving malicious single sign-on SSO logins on FortiGate appliances on December 12...

9.8CVSS8AI score0.65825EPSS
Exploits1
CISA
CISA
added 2025/04/11 12:0 p.m.10 views

Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities

Fortinet is aware of a threat actor creating a malicious file from previously exploited Fortinet vulnerabilities CVE-2024-21762, CVE-2023-27997, and CVE-2022-42475 within FortiGate products. This malicious file could enable read-only access to files on the device's file system, which may include...

9.8CVSS7.6AI score0.99474EPSS
In wildExploits29References3
Tenable Nessus
Tenable Nessus
added 2025/04/08 12:0 a.m.39 views

Fortinet Fortigate No certificate name verification for fgfm connection (FG-IR-24-046)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-24-046 advisory. - A improper restriction of communication channel to intended endpoints vulnerability CWE-923 in Fortinet FortiOS...

7.5CVSS5.6AI score0.00457EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/11 12:0 a.m.26 views

Fortinet Fortigate Multiple format string vulnerabilities (FG-IR-24-325)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-325 advisory. - A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.0 through 7.4.4, version 7.2.0...

7.2CVSS5.9AI score0.00679EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/28 12:0 a.m.24 views

Fortinet Fortigate Slow HTTP DoS Attacks Mitigation (FG-IR-19-013)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-013 advisory. - An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2,...

7.5CVSS7.5AI score0.71634EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/10/26 12:0 a.m.24 views

Fortinet Fortigate Out-of-bounds Write in captive portal (FG-IR-23-328)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-23-328 advisory. - A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0...

9.8CVSS9.1AI score0.03279EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/26 12:0 a.m.15 views

Fortinet Fortigate Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification (FragAttacks) (FG-IR-21-071)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-071 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't...

2.6CVSS7AI score0.02592EPSS
Exploits2References4
CISA
CISA
added 2023/11/14 12:0 p.m.14 views

Fortinet Releases Security Updates for FortiClient and FortiGate

Fortinet has released security advisories addressing vulnerabilities in FortiClient and FortiGate. Cyber threat actors may exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Fortinet security advisories and...

9.8CVSS8.3AI score0.78483EPSS
Exploits6References3
Rows per page
Query Builder