Fortinet confirmed that a December patch failed to fully secure its FortiCloud single sign-on system, allowing attackers to access devices with the supposed fix. New attack methods have been identified, prompting Fortinet to investigate further and advise customers to monitor for unusual login activity.

Fortinet identified a serious vulnerability in FortiClientEMS (CVE-2026-21643) that allows unauthorized code execution through its web interface. While there are no known active exploits yet, applying the available fixes is crucial to prevent potential attacks. Versions 7.2 and 8.0 are not affected.

A critical vulnerability identified as CVE-2025-25257 in Fortinet’s FortiWeb can lead to remote code execution, posing significant security risks. Users are urged to apply patches immediately to mitigate potential exploitation of this flaw.

Researchers have developed a proof of concept (PoC) for a critical vulnerability in Fortinet's products, identified as CVE-2025-32756. The vulnerability allows for remote code execution, prompting the need for a quick patch to mitigate potential exploits. Users are advised to update their systems promptly to avoid security risks.