SANS Stormcast Monday, November 17th, 2025: New(isch) Fortiweb Vulnerability; Finger and ClickFix

SANS Stormcast: Daily Cyber Security News

Transcribed

SANS Stormcast Monday, November 17th, 2025: New(isch) Fortiweb Vulnerability; Finger and ClickFix

Nov 17, 2025 · 7m 10s

Description

Fortiweb Vulnerability Fortinet, with significant delay, acknowledged a recently patched vulnerability after exploit attempts were seen publicly. https://isc.sans.edu/diary/Honeypot+FortiWeb+CVE202564446+Exploits/32486 https://labs.watchtowr.com/when-the-impersonation-function-gets-used-to-impersonate-users-fortinet-fortiweb-auth-bypass/ https://fortiguard.fortinet.com/psirt/FG-IR-25-910?ref=labs.watchtowr.com Flnger.exe and ClickFix Attackers started to use the finger.exe binary...

Fortiweb Vulnerability
Fortinet, with significant delay, acknowledged a recently patched vulnerability after exploit attempts were seen publicly.
https://isc.sans.edu/diary/Honeypot+FortiWeb+CVE202564446+Exploits/32486
https://labs.watchtowr.com/when-the-impersonation-function-gets-used-to-impersonate-users-fortinet-fortiweb-auth-bypass/
https://fortiguard.fortinet.com/psirt/FG-IR-25-910?ref=labs.watchtowr.com
Flnger.exe and ClickFix
Attackers started to use the finger.exe binary to retrieve additional payload in ClickFix attacks
https://isc.sans.edu/diary/Finger.exe%20%26%20ClickFix/32492

show less

Comments

Information

Author	Johannes Ullrich
Organization	Johannes Ullrich
Website	-
Tags	#business #clickfix #computer #cyber #cybersecurity #daily #finger #finger.exe #fortinet #fortiweb #hacking #infosec #internet #it #network #news #security