← Find more feeds

fortiguard.com

FortiGuard Labs | FortiGuard Center - IR Advisories

Get the latest updates from FortiGuard Labs | FortiGuard Center - IR Advisories directly as they happen.

Follow now 82 followers

Latest posts

Last updated 21 days ago

Telemetry protocol authentication is based over VDOM and FCTUID

21 days ago

An improper authentication vulnerability [CWE-287] in FortiClientEMS telemetry protocol may allow an...

Read full

Insufficient Session Expiration in SSL-VPN cookie

21 days ago

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN may allow an...

Read full

Privilege escalation in GUI websocket module

21 days ago

An Improper Privilege Management vulnerability [CWE-269] affecting FortiOS, FortiProxy & FortiWeb may...

Read full

Information Disclosure on SSLVPN endpoint

21 days ago

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in...

Read full

eap-cert-auth bypass via revoked certificate

21 days ago

An Improper Certificate Validation vulnerability [CWE-295] in FortiOS may allow an EAP...

Read full

IPsec improper validation of certificate with host mismatch

21 days ago

An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiClient...

Read full

Privilege escalation in automation-stitch

21 days ago

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in...

Read full

Firewall session injection in FGSP

21 days ago

An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...

Read full

SSH key is added even if operation is aborted

21 days ago

An incomplete cleanup vulnerability [CWE-459] in FortiOS & FortiProxy may allow a...

Read full

Weak authentication in security fabric daemon

21 days ago

A channel accessible by non-endpoint vulnerability [CWE-300] in FortiOS & FortiProxy may...

Read full

Insufficient Access Control Over API Endpoints

21 days ago

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiPortal may allow...

Read full

Improper Handling of Insufficient Permissions or Privileges in GUI websocket

21 days ago

An Improper Handling of Insufficient Permissions or Privileges Vulnerability [CWE-280] in FortiPAM...

Read full

Or log in

Everything you care about in one place

FortiGuard Labs | FortiGuard Center - IR Advisories

Latest posts

Telemetry protocol authentication is based over VDOM and FCTUID

Insufficient Session Expiration in SSL-VPN cookie

Privilege escalation in GUI websocket module

Information Disclosure on SSLVPN endpoint

eap-cert-auth bypass via revoked certificate

IPsec improper validation of certificate with host mismatch

Privilege escalation in automation-stitch

Firewall session injection in FGSP

SSH key is added even if operation is aborted

Weak authentication in security fabric daemon

Insufficient Access Control Over API Endpoints

Improper Handling of Insufficient Permissions or Privileges in GUI websocket

Try Feeder for free