SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
TechRadar

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data

Hackers exploit Fortinet FortiGate SSO bug to steal firewall configuration data FortiOS 7.4.10 patch incomplete; new versions planned to fully fix vulnerability Stolen firewall data exposes network ...
The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls.
theregister

FortiGate firewalls hit by silent SSO intrusions and config theft

FortiGate firewalls are getting quietly reconfigured and stripped down by miscreants who've figured out how to sidestep SSO protections and grab sensitive settings right out of the box. That's ...
Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
SecurityWeek

New Wave of Attacks Targeting FortiGate Firewalls

Hackers bypass the FortiCloud SSO login authentication to create new accounts and change device configurations. Threat actors are making configuration changes to FortiGate firewalls in a new wave of ...
The Hacker News

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious activity" that involves unauthorized firewall configuration changes on Fortinet FortiGate devices. The activity, ...