Critical Fortigate Firewall vulnerabilities patched

Three vulnerabilities allowed hackers to bypass Fortigate and steal enterprise credentials.

Fortinet closes brute-force and command injection flaws in FortiWeb & Co.

Fortinet closes flaws in FortiWeb and FortiManager, allowing command injection, among other things. FortiGate firewalls were ...
Ars Technica

JunOs ~ Fortigate Admin

The Fortigate units work like you would expect them to. There is no weird command-line stuff necessary. If you understand what a firewall is and what it is supposed to do, you can figure out the ...
Bleeping Computer

Fortinet says critical auth bypass bug is exploited in attacks

Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild. The security flaw (CVE-2022-40684) is an auth bypass on the ...

FortiGate Edge Intrusions: Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...
CSOonline

Fortinet confirms zero-day flaw used in attacks against its firewalls

The advisory from the cybersecurity company follows a report from security researchers who observed exploits in the wild in early December as part of a widespread campaign. Fortinet has confirmed the ...