Fortinet Archives - Securezoo

Fortinet releases security update for High severity FortiADC vulnerability (CVE-2022-39947)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 4, 2023 / AV, CVE-2022-39947, DDoS, FortiADC, Fortinet, WAF

Fortinet has released a security advisory that addresses a Critical ‘command injection in web interface’
vulnerability (CVE-2022-39947) in multiple versions of FortiADC.

Fortinet releases security update for High severity FortiADC vulnerability (CVE-2022-39947) Read More »

CISA adds 6 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities)

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 18, 2022 / Citrix, CVE-2022-26500, CVE-2022-26501, CVE-2022-27518, CVE-2022-42475, CVE-2022-42856, CVE-2022-44698, Defender, Fortinet, iOS, Microsoft, SmartScreen, VPN

The Cybersecurity and Infrastructure Security Agency (CISA) has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities.

CISA adds 6 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities) Read More »

Zerobot botnet exploits 21 vulnerabilities to breach targets

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / December 11, 2022 / CVE-2022-01388, CVE-2022-22965, Fortinet, Spring4Shell, WebSocket, Zerobot

Security researchers have spotted a unique botnet dubbed Zerobot exploiting 21 IoT, network and other vulnerabilities, such as F5 BIG-IP, D-Link, Zyxel, Spring4Shell and other flaws.

Zerobot botnet exploits 21 vulnerabilities to breach targets Read More »

Fortinet patches Critical risk vulnerability (CVE-2021-32589) in FortiOS, FortiProxy and FortiSwitchManager

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 16, 2022 / CVE-2021-32589, Fortinet, FortiOS, FortiProxy, FortiSwitchManager

Fortinet has patched a Critical risk vulnerability (CVE-2021-32589) in FortiOS, FortiProxy and FortiSwitchManager.

Fortinet patches Critical risk vulnerability (CVE-2021-32589) in FortiOS, FortiProxy and FortiSwitchManager Read More »

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 18, 2021 / APT, ChamelGang, CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, CVE-2021-34473, Exchange, Fortigate, Fortinet, ProxyShell, VPN

Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities Read More »

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / July 29, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Top 30 most commonly exploited vulnerabilities over 2020 and 2021 Read More »

Fortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 20, 2021 / CVE-2021-32589, FortiAnalyzer, FortiManager, Fortinet, RCE

Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.

Fortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer Read More »

FBI and CISA warn of Fortinet FortiOS vulnerability exploits

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 2, 2021 / APT, CISA, CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, FBI, Fortinet, FortiOS, Zerologon

Cybersecurity experts from the FBI and CISA have issued a joint cybersecurity advisory warning of APT exploits of Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2019-5591 and CVE-2020-12812.

FBI and CISA warn of Fortinet FortiOS vulnerability exploits Read More »

Hackers target 50K vulnerable Fortinet devices to steal passwords

Cybersecurity Attacks, Network Security, Password Management, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 27, 2020 / CISA, CVE-2018-13379, Fortinet, FortiOS, VPN

Cybersecurity experts are warning hackers are targeting nearly 50,000 vulnerable unpatched Fortinet VPNs to steal passwords.

Hackers target 50K vulnerable Fortinet devices to steal passwords Read More »

APT attackers exploit multiple VPN software vulnerabilities

Cybersecurity Attacks, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 5, 2019 / Fortinet, Palo Alto Networks, Pulse Secure, SSL, VPN

Security experts are again warning that advanced persistent threat (APT) actors are exploiting vulnerabilities in multiple Virtual Private Network (VPN) applications.

APT attackers exploit multiple VPN software vulnerabilities Read More »