Bleeping Computer

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. The flaw (tracked as CVE-2024-21762 / FG-IR-24-015) received a ...
Ars Technica

Fortinet SSL-VPN or Windows VPN

I already setup the Fortigate to do SSL-VPN using Active Directory (LDAP) for authentication. It works great, but requires a Fortinet client installation and some ...
Bleeping Computer

Fortinet says SSL-VPN pre-auth RCE bug is exploited in attacks

Fortinet urges customers to patch their appliances against an actively exploited FortiOS SSL-VPN vulnerability that could allow unauthenticated remote code execution on devices. The security flaw is ...
Infosecurity-magazine.com

Fortinet Addresses Critical FortiGate SSL-VPN Vulnerability

Network security solution provider Fortinet has patched a critical bug in its FortiOS and FortiProxy SSL-VPN software that could be exploited to hijack equipment. The vulnerability, identified as ...
SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
TechRadar

Update now — Fortinet Windows VPN hacked to steal user data

Researchers spot Chinese threat actor stealing login credentials from Fortinet VPN Thefts carried out with the help of a vulnerability discovered in 2023 The bug is yet to be addressed, or even ...
IT News For Australia Business

Long list of vulnerable Fortinet SSL VPNs published

A large list of almost 50,000 internet-reachable Fortinet FortiGate virtual private networking systems that contain an easily exploitable vulnerability has been published on the web and social media.