On January 14, 2025, Fortinet announced several vulnerabilities impacting multiple products. At Systems Engineering, we are highlighting these vulnerabilities as they affect the Fortinet solutions we support. Specifically, these issues impact FortiGate, FortiSwitch, FortiManager, FortiAnalyzer, FortiClient EMS, and FortiClient for Windows.

It's no surprise that AI is transforming the cybersecurity landscape, but its role in amplifying brute-force attacks deserves closer attention. Brute-force attacks have long been a cybersecurity concern, where cybercriminals try to gain unauthorized access to systems, accounts, or sensitive data by systematically trying every possible combination of usernames and passwords.

In today's digital landscape, criminals are becoming increasingly sophisticated, using artificial intelligence (AI) to create convincing scams that are harder than ever to detect. From realistic fake messages to deepfake videos, these AI-driven tactics are designed to deceive and exploit both individuals and businesses. Staying informed and proactive is essential to safeguarding yourself and your organization from these escalating threats. In this blog, we'll explore AI-powered scams and share practical steps you can take to protect your personal and professional security.

As deadlines for Cybersecurity Maturity Model Certification (CMMC) compliance draw closer, prime contractors face an increasing challenge: ensuring their own certification and supporting their entire supply chain in achieving compliance. This responsibility has become an urgent and complex priority for those managing defense contracts. The issue extends beyond the prime's readiness—subcontractors' compliance directly impacts your ability to deliver on the contract. The stakes are clear: one non-compliant subcontractor can jeopardize the entire supply chain. 

CMMC RPO Integrates Managed IT, Cybersecurity, and CMMC Advisory for the Defense Industrial Base

Systems Engineering is aware of the Fortinet FortiOS, FortiManager, and FortiAnalyzer affecting multiple versions of these products.

Fortinet rates these vulnerabilities as HIGH.

Systems Engineering is aware of the Fortinet FortiManager missing authentication for critical function vulnerability in the fgfmd process, CVE-2024-47575. Reports have shown this vulnerability to be exploited in the wild.