SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
Yahoo

Update now — Fortinet Windows VPN hacked to steal user data

Cybersecurity researchers has revealed that for months now, Fortinet’s Windows VPN client has been vulnerable to a flaw which allows threat actors to steal user credentials - and Chinese hackers have ...
Bleeping Computer

Fortinet discloses second firewall auth bypass patched in January

Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January.
Dark Reading

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

Fortinet confirmed that a new zero-day vulnerability under exploitation was the cause of a spate of malicious logins through FortiCloud's single sign-on (SSO) feature. The cybersecurity vendor on ...
Dark Reading

15K Fortinet Device Configs Leaked to the Dark Web

Dated configuration data and virtual private network (VPN) credentials for 15,474 Fortinet devices have been posted for free to the Dark Web. On Jan. 14, Fortinet disclosed a severe authentication ...
CRN

Fortinet Firewall Refresh Results Have Been ‘Disappointing:’ Analysts

The security vendor was hit with numerous stock downgrades from Wall Street analysts Thursday following company disclosures about the pace of firewall upgrades from customers. Fortinet saw numerous ...