CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Critical Authentication and Code Execution Flaws Patched in Fortinet, Ivanti, and SAP Products

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Fortinet, Ivanti, and SAP have released urgent patches for critical vulnerabilities in their products. Fortinet addressed flaws in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow unauthenticated attackers to bypass authentication via crafted SAML messages. Ivanti patched a critical stored XSS flaw in Endpoint Manager (EPM) that could lead to arbitrary JavaScript execution. SAP fixed three critical vulnerabilities, including a code injection flaw in SAP Solution Manager and a deserialization vulnerability in SAP jConnect SDK.

Timeline

  1. 10.12.2025 06:50 1 articles · 6h ago

    Critical Vulnerabilities Patched in Fortinet, Ivanti, and SAP Products

    Fortinet, Ivanti, and SAP have released patches for critical vulnerabilities in their products. Fortinet addressed flaws in multiple products that could allow authentication bypass. Ivanti patched a critical stored XSS flaw in Endpoint Manager. SAP fixed three critical vulnerabilities, including a code injection flaw in SAP Solution Manager and a deserialization vulnerability in SAP jConnect SDK.

    Show sources
    Open in new tab

Information Snippets