Bleeping Computer

Fortinet warns of critical command injection bug in FortiSIEM

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through ...
Bleeping Computer

Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...

New Fortinet Zero-Day Warning—Update Now, Attacks Underway

Fortinet has confirmed that attackers are already exploiting a 9.1-rated zero-day vulnerability. Emergency security update released.
Dark Reading

Patch Now: Critical Fortinet RCE Bug Under Active Attack

As expected, cyberattackers have pounced on a critical remote code execution (RCE) vulnerability in the Fortinet Enterprise Management Server (EMS) that was patched last week, allowing them to execute ...
Infosecurity-magazine.com

Fortinet Warns Exploit Code Available for Critical Vulnerability

Sysadmins have been urged to prioritize updating a new critical vulnerability in Fortinet’s FortiSIEM solution, as exploit code is currently circulating in the wild. Published on Tuesday, ...
Infosecurity-magazine.com

Fortinet Confirms Exploitation of Critical FortiManager Zero-Day Vulnerability

Fortinet has confirmed that a critical zero-day vulnerability affecting its FortiManager network management solution is being exploited in the wild. In an October 23 security advisory, the ...
Dark Reading

Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs

State-sponsored threat actors have exploited a US aeronautical organization, using known vulnerabilities in Zoho ManageEngine software and in Fortinet firewalls. The organization has not been named, ...