Bleeping Computer

Fortinet discloses second firewall auth bypass patched in January

Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January.
SDxCentral

Fortinet faces second authentication flaw in a fortnight

Fortinet systems are under threat due to another authentication-based flaw, with security experts warning edge devices are now a vulnerable attack surface for networks. A single sign-on (SSO) ...
SDxCentral

Fortinet firewalls face new threat, this time from authentication flaw

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes. According to researchers at Arctic Wolf, the exploit hinges on ...
Bleeping Computer

Hackers exploit newly patched Fortinet auth bypass flaws

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and steal system configuration files. The two vulnerabilities ...
Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...