Yasna | Cybersecurity news, filtered

Security Affairs 6 days, 9 hours ago

CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks

Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS score of 9.1), that allows remote code execution without authentication. Fortinet released fixes in April after confirming zero-day attacks in the wild and urged […]

More from Security Affairs 29 May 2026, 4:05 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication CVE Critical Flaw Fortinet Malware Patch Remote Code Execution Theft Threat Actor Vulnerability

Dark Reading 2 months ago

F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation

CVE-2025-53521 was initially disclosed in October as a high-severity denial-of-service (DoS) flaw, but new information has revealed the bug is actually much more dangerous.

More from Dark Reading 31 Mar 2026, 7:24 a.m. Actively exploited CVE-2025-53521 CVE Disclosure DoS F5 Flaw Fortinet Remote Code Execution Vulnerability

Bleeping Computer 10 months, 2 weeks ago

New Fortinet FortiWeb hacks likely linked to public RCE exploits

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. [...]

More from Bleeping Computer 17 Jul 2025, 2:58 a.m. Actively exploited CVE-2025-25257 CVE Compromise Exploit Flaw Fortinet Infection Patch Remote Code Execution

The Hacker News 1 year ago

Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems

Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems

More from The Hacker News 14 May 2025, 4:21 p.m. Actively exploited CVE-2025-32756 0-Day CVE Critical Flaw Fortinet Patch Remote Code Execution Unauthenticated Vulnerability

Dark Reading 1 year, 5 months ago

Fortinet Addresses Unpatched Critical RCE Vector

Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files.

More from Dark Reading 20 Dec 2024, 11:29 a.m. CVE-2023-34990 CVE-2023-48782 CVE Critical Fortinet Patch Remote Code Execution Unauthenticated Wireless

Dark Reading 2 years ago

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

Corporate admins should patch the max-severity CVE-2024-23108 immediately, which allows unauthenticated command injection.

More from Dark Reading 30 May 2024, 6:04 a.m. CVE-2024-23108 CVE Critical Exploit Fortinet Patch Remote Code Execution Root SIEM Unauthenticated

Dark Reading 2 years, 2 months ago

Fortinet Warns of Yet Another Critical RCE Flaw

CVE-2024-48788, like many other recent Fortinet flaws, will likely be an attractive target, especially for nation-state backed actors.

More from Dark Reading 15 Mar 2024, 9:13 a.m. CVE-2024-48788 CVE Critical Flaw Fortinet Nation State Remote Code Execution Warning

The Hacker News 2 years, 10 months ago

Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw

No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that have come under active exploitation in the wild

More from The Hacker News 4 Jul 2023, 6:58 p.m. Actively exploited CVE-2023-27997 CVE Critical Exposure Firewalls Flaw Fortinet Remote Code Execution Report VPN Vulnerability

Bleeping Computer 2 years, 11 months ago

300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug

Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after Fortinet released an update that addresses the problem. [...]

More from Bleeping Computer 3 Jul 2023, 11:54 p.m. Actively exploited CVE-2023-27997 CVE Critical Firewalls Fortinet Remote Code Execution Vulnerability

Bleeping Computer 3 years, 3 months ago

Exploit released for critical Fortinet RCE flaw, patch now

Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in Fortinet's FortiNAC network access control suite. [...]

More from Bleeping Computer 22 Feb 2023, 7:21 a.m. CVE-2022-39952 CVE Critical Exploit Flaw Fortinet Patch PoC Remote Code Execution Research Vulnerability