Bleeping Computer

Fortinet VPN Client Exposes VPN Creds, Palo Alto Firewalls Allow Remote Attacks

It's been a bad week for two of the world's biggest vendors of enterprise hardware and software — Fortinet and Palo Alto Networks. Both companies fixed security issues this week affecting some of ...
HHS

Fortinet Fixes Critical Remote Code Flaw

Fortinet has patched a critical remote code execution vulnerability in its Secure Sockets Layer network protocol that could give adversaries access to networks. See Also: Breaches Won't Stop Until We ...
Bleeping Computer

Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now

Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Yahoo

Update now — Fortinet Windows VPN hacked to steal user data

Cybersecurity researchers has revealed that for months now, Fortinet’s Windows VPN client has been vulnerable to a flaw which allows threat actors to steal user credentials - and Chinese hackers have ...
Threat Post

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. The FBI and the Cybersecurity and ...
ZDNet

Attacker releases credentials for 87,000 FortiGate SSL VPN devices

Fortinet has warned that 87,000 sets of credentials for FortiGate SSL VPN devices have been published online. The California-based cybersecurity firm said on Wednesday that it is aware of the ...