Fortinet Archives - Securezoo

Fortinet releases security update for High severity FortiADC vulnerability (CVE-2022-39947)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 4, 2023 / AV, CVE-2022-39947, DDoS, FortiADC, Fortinet, WAF

Fortinet has released a security advisory that addresses a Critical ‘command injection in web interface’
vulnerability (CVE-2022-39947) in multiple versions of FortiADC.

CISA adds 6 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities)

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / December 18, 2022 / Citrix, CVE-2022-26500, CVE-2022-26501, CVE-2022-27518, CVE-2022-42475, CVE-2022-42856, CVE-2022-44698, Defender, Fortinet, iOS, Microsoft, SmartScreen, VPN

The Cybersecurity and Infrastructure Security Agency (CISA) has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities.

Zerobot botnet exploits 21 vulnerabilities to breach targets

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / December 11, 2022 / CVE-2022-01388, CVE-2022-22965, Fortinet, Spring4Shell, WebSocket, Zerobot

Security researchers have spotted a unique botnet dubbed Zerobot exploiting 21 IoT, network and other vulnerabilities, such as F5 BIG-IP, D-Link, Zyxel, Spring4Shell and other flaws.

Fortinet patches Critical risk vulnerability (CVE-2021-32589) in FortiOS, FortiProxy and FortiSwitchManager

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 16, 2022 / CVE-2021-32589, Fortinet, FortiOS, FortiProxy, FortiSwitchManager

Fortinet has patched a Critical risk vulnerability (CVE-2021-32589) in FortiOS, FortiProxy and FortiSwitchManager.

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 18, 2021 / APT, ChamelGang, CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, CVE-2021-34473, Exchange, Fortigate, Fortinet, ProxyShell, VPN

Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / July 29, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Fortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 20, 2021 / CVE-2021-32589, FortiAnalyzer, FortiManager, Fortinet, RCE

Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.

Fortinet