The Hacker News

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Attackers are exploiting two CVSS 9.8 FortiGate SSO authentication bypass flaws days after disclosure; Fortinet urges ...

Fortinet products hit by further security flaws - giving hackers access to systems and more

Two new critical vulnerabilities have been discovered in Fortinet products, and since they are being actively abused in the ...
CRN

CISA: Multiple Fortinet Products Exploited In Attacks, Rapid Patching Urged

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging Fortinet customers to prioritize patching for a critical-severity vulnerability, which impacts multiple products from the ...
Mobile ID World

Fortinet SSO Admin Login Flaw: New SAML Bypass CVEs Spur Multi-Product Patch Planning

While patching is positioned as the primary fix, interim risk reduction measures cited by advisories include limiting administrative interfaces to trusted networks and, where feasible, temporarily ...
CSOonline

Fortinet admins urged to update software to close FortiCloud SSO holes

Vulnerabilities could allow an attacker to bypass single sign-on login protection; users should disable SSO until patching is complete. Admins using FortiCloud SSO (single sign on) to authenticate ...
Computer Weekly

Fortinet vulnerabilities prompt pre-holiday warnings

Two recently disclosed vulnerabilities discovered in Fortinet’s product portfolio have prompted a pre-holiday warning for defenders after being added to the Known Exploited Vulnerabilities (KEV) ...

FortiCloud SSO exposure — 25,000 devices vulnerable and cyber attacks active

A critical security gap in FortiCloud's Single Sign-On (SSO) system has left more than 25,000 devices open to potential ...