SecurityWeek

Fortinet Warns of New Attacks Exploiting Old Vulnerability

Fortinet says threat actors are abusing CVE-2020-12812, an improper authentication vulnerability in FortiOS, in a fresh wave ...
heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...
Hosted on MSN

FortiGate config leaks: Victims' email addresses published online

Thousands of email addresses included in the Belsen Group's dump of FortiGate configs last week are now available online, revealing which organizations may have been impacted by the 2022 zero-day ...
CSOonline

Warning to FortiGate admins: You need to run a compromise assessment now

Network administrators with Fortinet’s FortiGate next generation firewall in their IT environments are being warned to thoroughly scrutinize systems for possible compromise, following last week’s dump ...
TechRadar

Fortinet products hit by further security flaws - giving hackers access to systems and more

Two critical SAML‑signature flaws (CVE‑2025‑59718/59719) let attackers bypass SSO across multiple Fortinet products Exploitation began December 12, with intruders pulling config files that expose ...
Bleeping Computer

Mandiant says new Fortinet flaw has been exploited since June

A new Fortinet FortiManager flaw dubbed "FortiJump" and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 servers, according to a new report by Mandiant. For ...
Bleeping Computer

Fortinet fixes bug letting unauthenticated hackers run code as root

Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest ...