Fortinet, Ivanti, and Intel have issued important security updates to address numerous vulnerabilities, some of which are classified as high-severity. These patches are essential for preventing potential threats such as arbitrary code execution, privilege escalation, and security bypass.
Fortinet Patches Multiple Products
On Tuesday, Fortinet revealed fixes for 22 vulnerabilities affecting various products. Critical issues identified in FortiWeb, FortiSwitchAXFixed, and FortiManager allow remote attackers to potentially bypass security measures or execute unauthorized commands. Additionally, a vulnerability in FortiClientLinux could enable local users to gain root access via a Symlink following vulnerability.
Besides these high-severity issues, Fortinet addressed medium- and low-severity flaws that could lead to data tampering, security bypass, unauthorized code execution, and more. Notably, there is no indication that these vulnerabilities have been exploited by attackers so far.
Ivanti’s Security Update for DSM
Ivanti has released a critical fix targeting a security flaw in its Desktop and Server Management software, specifically versions prior to 2026.1.1. This vulnerability could be exploited to elevate user privileges. Ivanti reassured users that there is no evidence of this flaw being actively exploited.
Intel Targets UEFI Vulnerabilities
Intel’s update addressed nine issues found in the UEFI firmware of several reference platforms. Among these, five are high-severity vulnerabilities that could lead to unauthorized code execution, increased privileges, and disclosure of information. Intel has provided firmware updates for more than 45 processor models to mitigate these risks. There are currently no reports of these vulnerabilities being exploited in the wild.
These updates highlight the ongoing commitment of Fortinet, Ivanti, and Intel to secure their products against evolving cyber threats. Users are encouraged to apply these patches promptly to safeguard their systems.
