Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication ...

Researchers have written exploit code for a critical remote code execution (RCE) vulnerability in Fortinet's FortiGate SSL VPNs that the vendor disclosed and patched in June 2023. Bishop Fox's ...

Network security solution provider Fortinet has patched a critical bug in its FortiOS and FortiProxy SSL-VPN software that could be exploited to hijack equipment. The vulnerability, identified as ...

Attackers targeted admin accounts, and once authenticated, exported device configurations including hashed credentials and ...

Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an ...

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...

Over 200,000 businesses that have deployed Fortinet VPN with its default configuration could be vulnerable to man-in-the-middle (MitM) attacks according to new research from the network security ...

A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the ...

A hacker gang has allegedly collected and dumped a large trove of approximately 500,000 login credentials belonging to users of a popular VPN product from cybersecurity firm Fortinet. The threat actor ...

I already setup the Fortigate to do SSL-VPN using Active Directory (LDAP) for authentication. It works great, but requires a Fortinet client installation and some ...