Fortinet

Help Net Security CVE Fortinet May 29

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

Attackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise ...

1 IOC

Help Net Security →

The Hacker News Vulnerability Disclosure Fortinet May 28

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver c...

The Hacker News →

SecurityWeek Zero-Day Fortinet May 28

Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks

Fortinet rolled out hotfixes for the security defect in April, warning that it had been exploited in the wild as a zero-day and urging immediate patching. Th...

SecurityWeek →

GBHackers Vulnerability Disclosure Fortinet May 28

FortiClient Code Execution Flaw Exploited to Deploy EKZ Malware

Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortin...

GBHackers →

GBHackers Vulnerability Disclosure Fortinet May 14

Critical Fortinet FortiSandbox Vulnerability Enables Code Execution Attacks

The ultimate irony in cybersecurity has just struck the very tool designed to catch and isolate deadly malware has become an open door for hackers. A newly d...

T1598

GBHackers →

SC Media CVE Fortinet May 13

Fortinet addresses critical vulnerabilities in FortiSandbox and FortiAuthenticator

The first vulnerability, CVE-2026-44277, affects FortiAuthenticator's Identity and Access Management solution and was patched in versions 6.5.

1 IOC

SC Media →

Zero Day Initiative CVE Fortinet Apr 15

ZDI-26-266: Fortinet FortiWeb cat_cgi_paths Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fortinet FortiWeb. Authentication is required to exploit th...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Fortinet Apr 15

ZDI-26-265: Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Fortinet FortiWeb. Authentication is required...

1 IOC

Zero Day Initiative →

Infosecurity Magazine Zero-Day Fortinet Apr 7

Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited

Fortinet has updated its FortiClient EMS product after zero-day attacks surfaced

Infosecurity Magazine →

Infosecurity Magazine Ransomware Fortinet Mar 19

Ransomware Affiliate Exposes Details of 'The Gentlemen' Operation

Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics

T1588

Infosecurity Magazine →

Zero Day Initiative CVE Fortinet Mar 10

ZDI-26-186: Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient. An attacker must first obtain the ability...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Fortinet Feb 19

ZDI-26-115: Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient VPN. An attacker must first obtain the abi...

T1548 T1068 1 IOC

Zero Day Initiative →