CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

Fortinet Patches High-Severity Vulnerabilities

The bugs could be exploited without authentication for command execution and authentication bypass. The post Fortinet Patches High-Severity Vulnerabilities appeared first on SecurityWeek.

Fortinet patches

Fortinet on Tuesday published eight advisories describing security defects addressed in FortiAuthenticator, FortiClient for Windows, FortiGate, FortiOS, and FortiSandbox, including two high-severity issues.

The most severe of these is CVE-2025-52436, an XSS bug in FortiSandbox that could be exploited via crafted requests to execute commands without authentication.

Next in line is CVE-2026-22153, an authentication bypass in FortiOS that can be exploited under certain configurations to bypass LDAP authentication of Agentless VPN or FSSO policy.

The company also rolled out fixes for medium-severity flaws in FortiOS, FortiAuthenticator, FortiGate, and FortiClient for Windows that could be exploited to obtain sensitive information, smuggle HTTP requests, modify user accounts, execute arbitrary code or commands, and write arbitrary files.

Of these, CVE-2025-68686 deserves special attention. Described as the exposure of sensitive information in FortiOS SSL-VPN, it is a bypass for patches deployed against previously exploited bugs, Fortinet says.

“It may allow a remote unauthenticated attacker to bypass the patch developed for the symbolic link persistence mechanism observed in some post-exploit cases, via crafted HTTP requests,” Fortinet says.

The flaw is linked to the exploitation of older Fortinet firewall vulnerabilities – CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762 – and requires that the attacker first compromise the target product via a different security defect.

“This vulnerability can only be abused as a consequence of a threat actor exploiting a known vulnerability to implement read-only access to vulnerable FortiGate devices, at file system level. Products that never had SSL-VPN enabled are not impacted by this issue,” Fortinet explains.

The company’s fresh round of fixes came out only four days after a critical SQL injection flaw, tracked as CVE-2026-21643 (CVSS score of 9.1), was addressed in FortiClientEMS. The issue could be exploited remotely, without authentication, for arbitrary code execution via crafted HTTP requests.

Fortinet makes no mention of any of these vulnerabilities being exploited in the wild, but users are advised to patch them as soon as possible. Additional information can be found on the company’s PSIRT advisories page.

Related: Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Related: Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Related: Fortinet Warns of New Attacks Exploiting Old Vulnerability

Related: In-the-Wild Exploitation of Fresh Fortinet Flaws Begins

Latest News

CYBERNEWSMEDIAPublisher