Thursday , June 12 2025
Fortinet

Fortinet warn new Fortinet RCE flaw in SSL VPN

Fortinet warns about a new critical vulnerability in FortiOS SSL VPN that could be used in attacks. The flaw, known as CVE-2024-21762 / FG-IR-24-015, has a severity rating of 9.6.

It is an out-of-bounds write vulnerability in FortiOS. This vulnerability enables unauthenticated attackers to execute remote code by using malicious requests.

Adobe Releases Patch Fixing 254 Vulnerabilities With High-Severity Security Gaps

On Tuesday, Adobe released security updates for 254 vulnerabilities in its software, mainly affecting Experience Manager (AEM). There are 254...
Read More
Adobe Releases Patch Fixing 254 Vulnerabilities With High-Severity Security Gaps

Alert
40,000 + live internet cameras exposed globally !

A new report from Bitsight reveals that over 40,000 internet-connected security cameras around the world are exposed, broadcasting live footage...
Read More
Alert  40,000 + live internet cameras exposed globally !

Microsoft patch Tuesday fix exploited zero-day and 65 vuls patched

Microsoft's June Patch Tuesday update has arrived, addressing 66 vulnerabilities across its product line. One of these flaws was actively...
Read More
Microsoft patch Tuesday fix exploited zero-day and 65 vuls patched

84,000+ Roundcube instances vulnerable to actively exploited flaw

More than 84,000 Roundcube webmail installations are at risk due to CVE-2025-49113, a severe remote code execution (RCE) vulnerability that...
Read More
84,000+ Roundcube instances vulnerable to actively exploited flaw

CVE-2025-24016
Critical Wazuh RCE Actively Exploited by Mirai Botnets

The Security Intelligence and Response Team (SIRT) at Akamai has found that multiple Mirai-based botnets are exploiting CVE-2025-24016, a critical...
Read More
CVE-2025-24016  Critical Wazuh RCE Actively Exploited by Mirai Botnets

CISA Issues Seven Advisories for Industrial Control Systems (ICS)

On June 5, 2025, CISA released seven advisories regarding Industrial Control Systems (ICS) that highlight current security issues, vulnerabilities, and...
Read More
CISA Issues Seven Advisories for Industrial Control Systems (ICS)

ClickFix Attack Exploits Fake Cloudflare Human Check to Install Malware

A new social engineering attack uses familiar security checks to trick users into downloading malware via fake Cloudflare verification pages....
Read More
ClickFix Attack Exploits Fake Cloudflare Human Check to Install Malware

Fortinet flaws now exploited in Qilin ransomware attacks

The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and...
Read More
Fortinet flaws now exploited in Qilin ransomware attacks

Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI

Cisco fixed a critical vulnerability in the Identity Services Engine (ISE) that could let unauthorized attackers carry out harmful actions....
Read More
Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI

App builiding platform exposes over 3 million records, including PII

Cybersecurity researcher Jeremiah Fowler discovered an unprotected database with 3,637,107 records likely from a no-code app-building platform. The unprotected database,...
Read More
App builiding platform exposes over 3 million records, including PII

Upgrade to the latest version indicated in the following table to fix the bug, as recommended by Fortinet:

Source: Bleeping computer

To protect against the vulnerability, disable SSL VPN on your FortiOS devices.

This flaw was disclosed today along with CVE-2024-23113 (Critical/9.8 rating), CVE-2023-44487 (Medium), and CVE-2023-47537 (Medium). However, these flaws are not marked as being exploited in the wild.

 

Check Also

ICS

CISA Issues Seven Advisories for Industrial Control Systems (ICS)

On June 5, 2025, CISA released seven advisories regarding Industrial Control Systems (ICS) that highlight …

Leave a Reply

Your email address will not be published. Required fields are marked *