Security News

The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching. According to security nonprofit Shadowserver's latest data, the number of Fortinet appliances vulnerable to CVE-2024-21762 stands at more than 133,000 - down only slightly from more than 150,000 ten days prior.

Fortinet has alerted users to a severe vulnerability in FortiClientEMS, enabling potential attacker-driven code execution.This SQL Injection flaw, identified as CVE-2023-48788 with a 9.3 CVSS score, affects FortiClientEMS versions 7.2.0 to 7.2.2 and 7.0.1 to 7.0.10; users should upgrade to safer versions. Credits for the discovery go to Thiago Santana and the U.K.'s NCSC.

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. Last month, Fortinet disclosed a critical remote code execution bug in the FortiOS operating system and the FortiProxy secure web proxy, which the company tagged as "Potentially being exploited in the wild."

Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication. America's Cyber Defense Agency CISA confirmed last month that attackers are actively exploiting the flaw by adding it to its Known Exploited Vulnerabilities catalog.

Fortinet has patched critical remote code execution vulnerabilities in FortiOS, one of which is "Potentially" being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities catalog, though details about the attacks are still undisclosed.

CISA confirmed today that attackers are actively exploiting a critical remote code execution bug patched by Fortinet on Thursday. CISA's announcement comes one day after Fortinet published a security advisory saying the flaw was "Potentially being exploited in the wild."

The only workaround recommended by Fortinet is to disable the SSL VPN. Disabling webmode won't mitigate the vulnerability, it said. Firstly, Fortinet backtracked and said these weren't vulnerabilities at all, instead explaining that they were issued in error and were duplicates of the single vulnerability mentioned in the aforementioned October advisory - CVE-2023-34992.

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the...

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.For those unable to apply patches, you can mitigate the flaw by disabling SSL VPN on your FortiOS devices.

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected...