Fortinet and Ivanti have released October 2025 patches to address critical vulnerabilities affecting their products, which could lead to privilege escalation, data breaches, and remote code execution. Although no evidence suggests active exploitation, these vulnerabilities are often targeted by threat actors, emphasizing the importance of timely patch application. #FortiDLP #CVE202552951 #IvantiEPMM #CISA
Keypoints
- Fortinet fixed 29 advisories with several high-severity vulnerabilities impacting multiple products.
- Critical flaws include privilege escalation, data disclosure, and remote code execution risks.
- Ivanti addressed high-severity issues in Endpoint Manager Mobile and Neurons for MDM, including MFA bypass.
- Most vulnerabilities are not known to be exploited in the wild but are often targeted by threat actors.
- Prompt patching is recommended to mitigate risks associated with these product vulnerabilities.
Read More: https://www.securityweek.com/high-severity-vulnerabilities-patched-by-fortinet-and-ivanti/