Ars Technica

Fortinet SSL-VPN or Windows VPN

I already setup the Fortigate to do SSL-VPN using Active Directory (LDAP) for authentication. It works great, but requires a Fortinet client installation and some ...
Bleeping Computer

Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now

Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an ...
CRN

Fortinet Discloses Vulnerabilities In FortiOS, FortiProxy, FortiClient Linux And Mac

The disclosure includes one ‘critical’ vulnerability and several ‘high’ severity flaws. Fortinet disclosed new vulnerabilities Tuesday affecting FortiOS, FortiProxy, FortiClient Linux and ...
Bleeping Computer

New Boldmove Linux malware used to backdoor Fortinet devices

Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a new custom 'BOLDMOVE' Linux ...
Dark Reading

Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Researchers have written exploit code for a critical remote code execution (RCE) vulnerability in Fortinet's FortiGate SSL VPNs that the vendor disclosed and patched in June 2023. Bishop Fox's ...
Dark Reading

Fortinet: Patched Critical Flaw May Have Been Exploited

Attackers may have exploited a flaw in Fortinet's FortiOS SSL-VPN in "a limited number of cases" that affected users in government, manufacturing, and critical infrastructure sectors. Exploitation of ...