Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 31 of 28407

Capacity to use password hashes instead of password for authentication

Posted by Cyberthreat Blog | Dec 9, 2025 | Fortinet PSIRT Advisories |

CVSSv3 Score: 4.4 A use of password hash instead of password for authentication vulnerability [CWE-836] in FortiWeb may allow an unauthenticated attacker to use the hash in place of the password to authenticate via crafted...

Current password requirement bypass for self password change

Posted by Cyberthreat Blog | Dec 9, 2025 | Fortinet PSIRT Advisories |

CVSSv3 Score: 6.5 An Unverified Password Change vulnerability [CWE-620] in FortiSOAR may allow an attacker who gained access to a victim’s user account to reset the account credentials without being prompted for the...

Japanese Firms Suffer Long Tail of Ransomware Damage

Posted by Cyberthreat Blog | Dec 9, 2025 | DARKREADING |

Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many...

Incorrect authorization in multi-vdom environment

Posted by Cyberthreat Blog | Dec 9, 2025 | Fortinet PSIRT Advisories |

CVSSv3 Score: 6.4 An Incorrect Authorization vulnerability [CWE-863] in FortiPortal may allow an authenticated attacker to reboot a shared FortiGate device via crafted HTTP requests. Revised on 2025-12-09...

Microsoft Fixes Exploited Zero Day in Light Patch Tuesday

Posted by Cyberthreat Blog | Dec 9, 2025 | DARKREADING |

Proof-of-concept exploit code is publicly available for two other flaws in this month’s...

Author: Cyberthreat Blog

Capacity to use password hashes instead of password for authentication

Current password requirement bypass for self password change

Japanese Firms Suffer Long Tail of Ransomware Damage

Incorrect authorization in multi-vdom environment

Microsoft Fixes Exploited Zero Day in Light Patch Tuesday