Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices ...

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...

FortiGate firewalls are getting quietly reconfigured and stripped down by miscreants who've figured out how to sidestep SSO protections and grab sensitive settings right out of the box.… That's ...

Fortinet confirmed that a new zero-day vulnerability under exploitation was the cause of a spate of malicious logins through FortiCloud's single sign-on (SSO) feature. The cybersecurity vendor on ...

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...

Vulnerabilities could allow an attacker to bypass single sign-on login protection; users should disable SSO until patching is complete. Admins using FortiCloud SSO (single sign on) to authenticate ...

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.

A critical security flaw in FortiCloud SSO has left over 25,000 Fortinet devices vulnerable to hijack attempts. A critical security gap in FortiCloud's Single Sign-On (SSO) system has left more than ...

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes. According to researchers at Arctic Wolf, the exploit hinges on ...

Attackers are still targeting FortiOS, FortiManager, and FortiAnalyzer with FortiCloud SSO login enabled, creating admin accounts. This allows them to gain full control over devices. A functional ...