87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)

Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it&#8… Continue reading 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)

CISA and Fortinet Warns of New FortiOS Zero-Day Flaws

By Deeba Ahmed
Patch Now or Get Hacked: Researchers Confirm Potentially Active Exploitation of Fortinet Flaw in the Wild.
This is a post from HackRead.com Read the original post: CISA and Fortinet Warns of New FortiOS Zero-Day Flaws
Continue reading CISA and Fortinet Warns of New FortiOS Zero-Day Flaws

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997)

Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls and other devices, without mentioning that they include a fix for CVE-2023-27997, a remote code execution (RCE) flaw that does not require the attacker … Continue reading Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997)

Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)

Fortinet has patched 15 vulnerabilities in a variety of its products, including CVE-2023-25610, a critical flaw affecting devices running FortiOS and FortiProxy. None of the patched vulnerabilities is actively exploited, but Fortinet’s devices ar… Continue reading Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)

Report: Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability

A possible Chinese cyberespionage actor has exploited a FortiOS vulnerability to successfully compromise companies.
The post Report: Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability appeared first on TechRepublic.
Continue reading Report: Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability

Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day

By Deeba Ahmed
Chinese hackers are exploiting a previously patched vulnerability found in Fortinet FortiOS SSL-VPN by using new malware called BOLDMOVE.
This is a post from HackRead.com Read the original post: Backdoor into FortiOS: Chinese Threat Acto… Continue reading Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day

FortiOS flaw was exploited to compromise governmental targets (CVE-2022-42475)

A critical vulnerability in FortiOS SSL-VPN (CVE-2022-42475) that Fortinet has issued patches for in November 2022 has been exploited by attackers to compromise governmental or government-related targets, the company has shared. Fortinet says the attac… Continue reading FortiOS flaw was exploited to compromise governmental targets (CVE-2022-42475)

Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)

A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet is aware of an instance where this vulnerability was exploited in the wild,&… Continue reading Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)

Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount

Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, and soon after exploitation attempts started rising. “[On Thursday], the… Continue reading Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount

The 15 most exploited vulnerabilities in 2021

In 2021, threat actors aggressively exploited newly disclosed critical software vulnerabilities to hit a broad set of targets worldwide, says the latest advisory published by the US Cybersecurity and Infrastructure Security Agency. Most exploited vulne… Continue reading The 15 most exploited vulnerabilities in 2021