News

CSO Online4h

Fortinet patches critical flaw with public exploit in FortiSIEM

Fortinet fixed a critical command injection vulnerability in FortiSIEM, which is subject to a working exploit in the wild, as ...

Fortinet VPNs under attack from potential zero-day - FortiSIEM security tools also at risk, so be on your guard

In early August 2025, researchers from GreyNoise first observed a significant spike in brute-force attacks against Fortinet ...
Infosecurity Magazine18h

Fortinet Warns Exploit Code Available for Critical Vulnerability

Sysadmins have been urged to prioritize updating a new critical vulnerability in Fortinet’s FortiSIEM solution, as exploit ...

Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, ...
The Register on MSN1d

Fortinet discloses critical bug with working exploit code amid surge in brute-force attempts

If there's smoke? Fortinet warned customers about a critical FortiSIEM bug that could allow an unauthenticated attacker to ...

Spike in Fortinet VPN brute-force attacks raises zero-day concerns

A massive spike in brute-force attacks targeted Fortinet SSL VPNs earlier this month, followed by a switch to FortiManager, ...
The Hacker News1d

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

"An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in ...
The Hacker News2d

Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Coordinated brute-force attacks hit Fortinet SSL VPNs and FortiManager, involving 780+ malicious IPs from U.S., Canada, ...