THREAT OPS › Threat News › FortiBleed: Credential Reuse, Legacy Hashes, and the Risk of Internet-Exposed FortiGate Devices
FortiBleed: Credential Reuse, Legacy Hashes, and the Risk of Internet-Exposed FortiGate Devices
<div style="background-color: #f7f8fc; padding: 36px 28px; margin: 30px 0;"> <h3 style="margin: 0 0 22px; color: #ed1c24; font-size: 24px; font-weight: 700; line-height: 1.3;"> Key Takeaways </h3>
<ul style="margin: 0; padding-left: 18px; color: #6f7b91; font-size: 21px; font-weight: 600; line-height: 1.5;">
<li style="margin-bottom: 12px;"> FortiBleed refers to June 2026
MITRE ATT&CK techniques
Indicators of compromise
- CVE-2026-24858cve
- CVE-2025-59718cve
- CVE-2025-59719cve
- CVE-2018-13379cve
- CVE-2022-40684cve
- CVE-2022-42475cve
- CVE-2023-27997cve
- CVE-2024-21762cve
- https://www.fortinet.com/blog/psirt-blogs/analysis-of-reported-credential-compromise-of-fortigate-devicesurl
- https://www.ncsc.gov.uk/news/advice-following-global-targeting-of-fortinet-firewalls-and-vpn-gatewaysurl
- https://www.qualys.com/apps/vulnerability-management-detection-responseurl
- https://www.qualys.com/apps/cybersecurity-asset-managementurl
- https://www.qualys.com/demo/enterprise-trurisk-managementurl
Original source: https://blog.qualys.com/category/vulnerabilities-threat-research