Security News

Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun...

Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation....

Security researchers have released a proof-of-concept exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server software, which is now actively exploited in attacks.On Thursday, one week after Fortinet released security updates to address the security flaw, security researchers with Horizon3's Attack Team published a technical analysis and shared a proof-of-concept exploit that helps confirm if a system is vulnerable without providing remote code execution capabilities.

The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching. According to security nonprofit Shadowserver's latest data, the number of Fortinet appliances vulnerable to CVE-2024-21762 stands at more than 133,000 - down only slightly from more than 150,000 ten days prior.

Fortinet has alerted users to a severe vulnerability in FortiClientEMS, enabling potential attacker-driven code execution.This SQL Injection flaw, identified as CVE-2023-48788 with a 9.3 CVSS score, affects FortiClientEMS versions 7.2.0 to 7.2.2 and 7.0.1 to 7.0.10; users should upgrade to safer versions. Credits for the discovery go to Thiago Santana and the U.K.'s NCSC.

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. Last month, Fortinet disclosed a critical remote code execution bug in the FortiOS operating system and the FortiProxy secure web proxy, which the company tagged as "Potentially being exploited in the wild."

Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication. America's Cyber Defense Agency CISA confirmed last month that attackers are actively exploiting the flaw by adding it to its Known Exploited Vulnerabilities catalog.

Fortinet has patched critical remote code execution vulnerabilities in FortiOS, one of which is "Potentially" being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities catalog, though details about the attacks are still undisclosed.

CISA confirmed today that attackers are actively exploiting a critical remote code execution bug patched by Fortinet on Thursday. CISA's announcement comes one day after Fortinet published a security advisory saying the flaw was "Potentially being exploited in the wild."