New SSO vulnerability in FortiCloud is being actively exploited

A critical vulnerability that once again affects the SSO login of Fortinet's FortiCloud is being actively exploited. It allows attackers to log in to other devices. Fortinet customers should urgently update their systems to minimize long-term risks.

Security-Insider

If you administer FortiGate/FortiOS: admins report a bypass of the patch for the critical vulnerability CVE-2025-59718 (FortiCloud SSO https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ) → compromise possible even on "patched" firewalls (e.g. 7.4.9/7.4.10).

( https://www.reddit.com/r/fortinet/comments/1qibdcb/possible_new_sso_exploit_cve202559718_on_749/ )

Prerequisite: “Allow administrative login using FortiCloud SSO” enabled (often after FortiCare registration).

Mitigation: disable admin-forticloud-sso-login + restrict admin access + check logs/new accounts.

Exploit chain: CVE-2025-59718 (+ CVE-2025-59719 on the FortiWeb side) ➡️ sending forged SAML messages ➡️ signature verification bypass ➡️ unauthorized admin access.

[References]
"Fortinet admins report patched FortiGate firewalls getting hacked"
👇
https://www.bleepingcomputer.com/news/security/fortinet-admins-report-patched-fortigate-firewalls-getting-hacked/

( https://cyberveille.ch/posts/2026-01-21-fortigate-contournement-de-correctif-sur-lauthentification-forticloud-sso-cve-2025-59718-activement-exploite/)

💬
⬇️
https://infosec.pub/post/40878137

#CyberVeille #Fortinet #FortiGate #FortiOS #CVE_2025_59718

PSIRT | FortiGuard Labs

FortiGuard Labs
Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable FortiGate firewalls.

BleepingComputer

A coordinated brute-force campaign has targeted Fortinet SSL VPNs: over 780 unique IPs launched credential attacks on August 3, followed by a change of target from FortiOS to FortiManager.

Read: https://hackread.com/brute-force-campaign-fortinet-ssl-vpn-coordinated-attack/

#Cybersecurity #Fortinet #BruteForce #CyberAttack #FortiOS #FortiManager

New Brute-Force Campaign Hits Fortinet SSL VPN in Coordinated Attack

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS

Singapore’s critical infrastructure is under siege from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group. As of July 2025, the group has been actively targeting essential services like energy, water, telecommunications, and government systems, prompting urgent warnings from officials. This isn’t just another hack, it’s a calculated assault exploiting zero-day vulnerabilities in widely used […]

Cyber Security News

Critical vulnerability allows attackers to bypass authentication on Fortinet devices. Is your network infrastructure at risk? Discover which versions are vulnerable and how to protect your systems immediately.

#SecurityLand #CyberWatch #CyberSecurity #Fortinet #Vulnerability #FortiOS

Read More: https://www.security.land/critical-fortinet-authentication-bypass-vulnerability-threatens-network-security/

Critical Fortinet Authentication Bypass Vulnerability Threatens Network Security | Security Land

Critical Fortinet authentication vulnerability (CVE-2025-22252) affects multiple products using TACACS+ with ASCII authentication. Patch Now!

Security Land

#BSI WID-SEC-2025-1025: [NEW] [medium] #Fortinet #FortiOS: Multiple vulnerabilities allow denial of service

A remote, anonymous attacker can exploit multiple vulnerabilities in Fortinet FortiOS to carry out a denial-of-service attack.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1025

Warn- und Informationsdienst

#BSI WID-SEC-2025-1026: [NEW] [high] #Fortinet #FortiOS, #FortiProxy and #FortiSwitch: Vulnerability allows privilege escalation

A remote, anonymous attacker can exploit a vulnerability in Fortinet FortiOS, Fortinet FortiProxy and Fortinet FortiSwitch to escalate their privileges.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1026

Warn- und Informationsdienst

FortiOS Authentication Bypass Vulnerability Lets Attackers Take Full Control of Device

Fortinet has disclosed a significant security vulnerability affecting multiple Fortinet products, allowing attackers to bypass authentication and gain administrative access to affected systems.

Cyber Security News