SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data

A recent Fortinet patch may not work as well as expected ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...
The Register on MSN

Fortinet unearths another critical bug as SSO accounts borked post-patch

More work for admins on the cards as they await a full dump of fixes Things aren't over yet for Fortinet customers – the ...

CISA, security researchers warn FortiCloud SSO flaw is under attack

The flaw, tracked as CVE-2026-24858, allows an attacker with a registered device and a FortiCloud account to access devices ...

Fortinet continues to combat ongoing SSO admin attacks

Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.
Cyber Daily

Update now! Fortinet discloses actively exploited critical flaw in FortiOS, FortiManager, and FortiAnalyzer

CVE-2026-24858 affects dozens of Fortinet products and has already been added to CISA’s list of known exploited ...