CVE-2026-24858

..... Allows an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts.....

https://fortiguard.fortinet.com/psirt/FG-IR-26-060

Fortinet hat ein Advisory zu einer neuen Schwachstelle CVE-2026-24858 in der FortiCloud-SSO-Implementierung veröffentlicht. Diese erlaubt es Angreifern mit einem FortiCloud-Konto und einem registrierten Gerät, sich bei anderen Geräten anzumelden, welche anderen Konten zugeordnet sind, sofern die FortiCloud-SSO-Authentifizierung auf diesen aktiviert wurde.
Patches sollten zeitnah installiert werden (sobald verfügbar). Das BSI hat entsprechend seinen Sicherheitshinweis aktualisiert.

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS ...

🔗 https://db.gcve.eu/vuln/cve-2026-24858

#fortinet #vulnerabilitymanagement #cybersecurity

CVE-2026-24858
An attacker with basic FortiCloud account and a registered device can log into other Fortinet devices. No, not their own devices. Devices registered to entirely different FortiCloud accounts.

Fortinet coupe le SSO en attendant les patchs pour la nouvelle faille zero-day : CVE-2026-24858 https://www.it-connect.fr/fortinet-coupe-le-sso-en-attendant-les-patchs-pour-la-nouvelle-faille-zero-day-cve-2026-24858/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Fortinet

Fortinet confirms active exploitation of FortiCloud SSO auth bypass (CVE-2026-24858, CVSS 9.4).
Cross-customer access via trusted SSO paths observed.

SSO now blocked for vulnerable versions - patching required.

https://www.technadu.com/fortinet-temporarily-disables-forticloud-sso-following-active-exploitation/619206/

#InfoSec #Fortinet #CVE #IdentitySecurity

Fortinet Confirms CVE-2026-24858 SSO Flaw Under Active Attack https://www.esecurityplanet.com/threats/fortinet-confirms-cve-2026-24858-sso-flaw-under-active-attack/

Here's a summary of recent important global, technology, and cybersecurity news:

Global: India has contained a Nipah virus outbreak (Jan 28, 2026). The EU approved a ban on Russian gas imports, effective from 2027 (Jan 27, 2026).

Technology: The EU is pressing Google to share AI and search data under new regulations (Jan 27, 2026). Samsung is nearing Nvidia approval for advanced HBM4 AI memory chips (Jan 27, 2026). Fujitsu developed AI for space weather prediction (Jan 28, 2026).

Cybersecurity: Microsoft issued emergency patches for an actively exploited Office zero-day vulnerability (CVE-2026-21509) (Jan 27, 2026). Fortinet patched a critical FortiOS SSO authentication bypass (CVE-2026-24858) under active exploitation (Jan 28, 2026). AI-powered polymorphic phishing attacks are also a growing concern (Jan 28, 2026).

#News #Anonymous #AnonNews_irc

WinRAR-Schwachstelle CVE-2025-8088: Staatsakteure und Cyberkriminelle nutzen Sicherheitslücke massiv aus

Bei CVE-2025-8088 handelt es sich um eine hochriskante Path-Traversal-Schwachstelle, die Angreifer durch Manipulation von Alternate Data Streams (ADS) ausnutzen können.

https://www.all-about-security.de/winrar-schwachstelle-cve-2025-8088-staatsakteure-und-cyberkriminelle-nutzen-sicherheitsluecke-massiv-aus/

#ads
#cve #WinRAR #cybersecurity

Microsoft has rushed out an emergency security update for Office (CVE‑2026‑21509) after confirming the flaw is already being exploited in the wild. 🔐

The high‑severity security feature bypass lets attackers bypass OLE protections and run malicious code via specially crafted Office files. 📄⚠️

👉 Microsoft issues emergency fix for actively exploited Office flaw:
https://cyberinsider.com/microsoft-issues-emergency-fix-for-actively-exploited-office-flaw/
#Microsoft #Office #Security #CVE202621509 #PatchNow

Threre is also #OnlyOffice

https://www.onlyoffice.com/download-desktop

Here's a summary of recent important global, technology, and cybersecurity news:

Global: India has contained a Nipah virus outbreak (Jan 28, 2026). The EU approved a ban on Russian gas imports, effective from 2027 (Jan 27, 2026).

Technology: The EU is pressing Google to share AI and search data under new regulations (Jan 27, 2026). Samsung is nearing Nvidia approval for advanced HBM4 AI memory chips (Jan 27, 2026). Fujitsu developed AI for space weather prediction (Jan 28, 2026).

Cybersecurity: Microsoft issued emergency patches for an actively exploited Office zero-day vulnerability (CVE-2026-21509) (Jan 27, 2026). Fortinet patched a critical FortiOS SSO authentication bypass (CVE-2026-24858) under active exploitation (Jan 28, 2026). AI-powered polymorphic phishing attacks are also a growing concern (Jan 28, 2026).

#News #Anonymous #AnonNews_irc

Nearly 800,000 #Telnet servers exposed to remote attacks

The security flaw (CVE-2026-24061) already has a proof-of-concept exploit, impacts GNU InetUtils versions 1.9.3 (released in 2015) through 2.7, and was patched in version 2.8 (released on January 20).

https://www.bleepingcomputer.com/news/security/nearly-800-000-telnet-servers-exposed-to-remote-attacks/

🚨 Critical #Telnet Authentication Bypass Vulnerability Discovered #CVE202624061 #cybersecurity #infosec #DevOps #security

🔓 #GNU Inetutils telnetd through version 2.7 allows remote authentication bypass via "-f root" USER environment variable

⚡ The exploit is shockingly simple: attackers send "-f root" as the USER value, triggering /usr/bin/login -f root which skips password authentication entirely

🧵 👇

https://www.cve.org/CVERecord?id=CVE-2026-24061

#itsecurity #unix #linux #telnet #telnetd

✅ Immediate action required: Update to GNU Inetutils 2.8+ or migrate to #SSH for secure remote access

https://nvd.nist.gov/vuln/detail/CVE-2026-24061

Yes, there's RCE in #OpenSSL 3.x, but thankfully it isn't in the HTTPS side of things:

"Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."

https://openssl-library.org/news/vulnerabilities/#CVE-2025-15467

‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection

CVEs Published: January 27th, 2026

High and Moderate Severity Flaws:

▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions

▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow

Low Severity Flaws:

▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)

"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.

Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."

Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities

The VulnCheck research team found an unauth RCE vuln in SmarterMail that at least three other researchers discovered independently. VulnCheck canaries are also detecting in-the-wild exploitation of CVE-2026-24423. Lots of sudden attention on this software from researchers and adversaries.

https://www.vulncheck.com/blog/smartermail-connecttohub-rce-cve-2026-24423

React2Shell: IoT Nightmare Unleashed!

CVE-2025-55182 allows attackers to take control of IoT devices and web servers with a single HTTP request due to flaws in React Server Components.

Dive into its origins and explore hands-on exploits!

Article on this topic https://hackers-arise.com/react2shell-vulnerability-exploited-to-build-massive-iot-botnet/
#cybersecurity #hacking #vulnerability #infosec #hackingtools

🔴 CVE-2025-40551 - Critical (9.8)

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without au...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40551/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.

These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.

CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)

https://www.thehackerwire.com/solarwinds-patches-critical-rce-and-auth-bypass-flaws-in-web-help-desk/

Check Point Harmony Secure Access Service Edge Has A Critical Local Privilege Escalation Flaw

Researchers have uncovered a critical privilege-escalation vulnerability, in Check Point’s Harmony Secure Access Service Edge Windows client software, tracked as CVE-2025-9142, that enables hackers to write or delete files outside the certificate working directory that could compromise systems. More info can be here: Jim Routh, Chief Trust Officer at Saviynt, commented: “This…

https://itnerd.blog/2026/01/28/check-point-harmony-secure-access-service-edge-has-a-critical-local-privilege-escalation-flaw/