Weak authentication in WAD/GUI
A Weak authentication vulnerability [CWE 1390] in FortiPAM and FortiSwitch Manager WAD/GUI may allow an attacker to bypass the authentication process via a brute-force attack. Revised on 2025-10-14 00:00:00
Read MoreAuthor: Cyberthreat Blog
Race condion in FortiCloud SSO SAML authentication
A concurrent execution using shared resource with improper synchronization (‘Race Condition’) vulnerability [CWE-362] in FortiAnalyzer may allow an attacker to attempt to win a race condition to bypass the FortiCloud...
Read More
Lazarus Group Hunts European Drone Manufacturing Data
The campaign is the latest effort by the North Korean threat actor to collect data of strategic...
Read MorePrivate Personal Information Collection by Debug Bundle
An Exposure of Private Personal Information (‘Privacy Violation’) vulnerability [CWE-359] in FortiDLP may allow an authenticated windows administrator to collect current user’s email information Revised on...
Read MorePath Traversal in agent leads to Privilege Escalation
An Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability [CWE-22] in FortiDLP Agent’s Outlookproxy plugin for Windows and MacOS may allow an authenticated attacker to...
Read More