X-Industry

fortigate (2)

Hackers Selling Firewall Access

A threat actor has advertised a zero-day exploit targeting FortiGate firewall products from Fortinet on a prominent Dark Web forum. The exploit claims to enable unauthenticated remote code execution (RCE) and full configuration access to FortiOS, allowing attackers to seize control of vulnerable devices without needing credentials.

This alarming development has raised concerns among some users about the security of Fortinet firewalls, which are widely used in enterprises and government agencies

FortiOS SSL VPN Warning

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests," the company said in a bulletin released last week.

It further acknowledged that the iss

#xg { position:relative;top:120px; } #xn_bar { top:120px; }

Hello, you need to enable JavaScript to use Red Sky Alliance.

Please check your browser settings or contact your system administrator.

Note: this page contains paid content.