Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Bleeping Computer

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. The flaw (tracked as CVE-2024-21762 / FG-IR-24-015) received a ...
TechRadar

Fortinet VPNs under attack from potential zero-day - FortiSIEM security tools also at risk, so be on your guard

Someone has been trying to break into Fortinet VPN products GreyNoise believes this is in preparation of a zero-day exploit The researchers expect a CVE to be published within weeks Fortinet users are ...
Bleeping Computer

Fortinet says SSL-VPN pre-auth RCE bug is exploited in attacks

Fortinet urges customers to patch their appliances against an actively exploited FortiOS SSL-VPN vulnerability that could allow unauthenticated remote code execution on devices. The security flaw is ...