Bleeping Computer21d
Fortinet warns of auth bypass zero-day exploited to hijack firewalls
Fortinet says attackers exploiting the zero-day in the wild are creating randomly generated admin or local users on compromised devices and are adding them to existing SSL VPN user groups or to ...
CSOonline21d
Fortinet confirms zero-day flaw used in attacks against its firewalls
Fortinet has confirmed the existence of a critical ... naming scheme and adding those users to existing user groups with SSL VPN access. In some cases, they hijacked existing accounts or reset ...
CRN10mon
Fortinet Discloses Vulnerabilities In FortiOS, FortiProxy, FortiClient Linux And Mac
Fortinet disclosed new vulnerabilities Tuesday ... into visiting a malicious attacker-controlled website through the SSL-VPN,” the company said. Additionally, a pair of high-severity ...
ITWire18d
Fortinet firewalls hit with new zero-day attack, older data leak
SSL VPN authentication through those accounts, and various other configuration changes.” Fortinet’s advisory for CVE-2024-55591 includes indicators of compromise (IOCs) and notes that the ...