heise online

Patch now! Attackers bypass authentication in Fortinet products

If SSO login is enabled in FortiOS, FortiProxy, FortiSwitchManager, and FortiWeb, systems are vulnerable. Currently, attackers are exploiting two “critical” vulnerabilities in this context and ...
TechRadar

Fortinet products hit by further security flaws - giving hackers access to systems and more

Two critical SAML‑signature flaws (CVE‑2025‑59718/59719) let attackers bypass SSO across multiple Fortinet products Exploitation began December 12, with intruders pulling config files that expose ...
Dark Reading

Critical Fortinet Flaws Under Active Attack

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a recently disclosed security flaw affecting multiple Fortinet network security and management platforms to its known exploited ...
CSOonline

FortiGate firewall credentials being stolen after vulnerabilities discovered

Threat actors aren’t wasting time taking advantage of newly-revealed vulnerabilities in Fortinet device authentication. Researchers at Arctic Wolf said they are seeing malicious single sign on (SSO) ...
Geeky Gadgets

Build a Safer UniFi Setup with VLANs, Zone-Based Firewalls, and Smart mDNS Rules

Imagine this: your smart home devices, guest Wi-Fi, and workstations all coexist on the same network. A single compromised IoT device could expose sensitive data or disrupt your entire system. It’s a ...
ITWire

Critical vulnerabilities in multiple Fortinet products - FortiCloud SSO Login Authentication Bypass [CRITICAL ALERT]

Fortinet has identified multiple critical vulnerabilities in a number of Fortinet Products, and this alert is rated as CRITICAL, so please read on! Security in today's world can NEVER be taken lightly ...
heise online

Fortinet Patch Day: SSO Login Bypassable in Many Products

Attackers can target various Fortinet products and gain unauthorized access, among other things. Security updates are available for download. So far, no reports of ongoing attacks are known. However, ...
CSOonline

Fortinet admins urged to update software to close FortiCloud SSO holes

Vulnerabilities could allow an attacker to bypass single sign-on login protection; users should disable SSO until patching is complete. Admins using FortiCloud SSO (single sign on) to authenticate ...
Bleeping Computer

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...
SDxCentral

Palo Alto Networks and Fortinet given all clear after firewall hiccups

Palo Alto Networks and Fortinet have received a clean bill of health for their firewall protections, while the jury is still out on current Cisco defenses. CyberRatings.org recommended both Palo Alto ...
TechRadar

Fortinet admits it found another worrying zero-day being exploited in attacks

Fortinet has issued an urgent patch for a high-severity vulnerability in FortiWeb which is apparently being abused in the wild. FortiWeb is the company’s dedicated web application firewall (WAF), ...