Ars Technica

Fortinet SSL-VPN or Windows VPN

I already setup the Fortigate to do SSL-VPN using Active Directory (LDAP) for authentication. It works great, but requires a Fortinet client installation and some ...
Bleeping Computer

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. The flaw (tracked as CVE-2024-21762 / FG-IR-24-015) received a ...
Bleeping Computer

Fortinet says SSL-VPN pre-auth RCE bug is exploited in attacks

Fortinet urges customers to patch their appliances against an actively exploited FortiOS SSL-VPN vulnerability that could allow unauthenticated remote code execution on devices. The security flaw is ...
Threat Post

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. The FBI and the Cybersecurity and ...
Infosecurity-magazine.com

Fortinet Addresses Critical FortiGate SSL-VPN Vulnerability

Network security solution provider Fortinet has patched a critical bug in its FortiOS and FortiProxy SSL-VPN software that could be exploited to hijack equipment. The vulnerability, identified as ...
Dark Reading

Fortinet Products Are in the Crosshairs Again

Fortinet, whose technologies are a popular target for attackers, has disclosed a critical, unauthenticated remote code execution vulnerability in its FortiSIEM platform. A proof-of-concept exploit for ...
Hosted on MSN

Fortinet VPNs under attack from potential zero-day - FortiSIEM security tools also at risk, so be on your guard

Someone has been trying to break into Fortinet VPN products GreyNoise believes this is in preparation of a zero-day exploit The researchers expect a CVE to be published within weeks Fortinet users are ...