CVEs for FortiGate and FortiAuthenticator
Two security issues have been discovered in the FortiGate and FortiAuthenticator Fortinet products; these are urgent but, fortunately, can be easily resolved with an upgrade.
Fortinet FortiSandbox CVE-2026-39813
Critical vulnerabilities in FortiSandbox (CVE-2026-39813 and CVE-2026-39808) allow unauthenticated access. Systems running versions 4.4.0–4.4.8 and 5.0.0–5.0.5 are vulnerable. An upgrade to FortiSandbox 4.4.9 or 5.0.6 (or later) is necessary to prevent exploitation.
FortiClient EMS – update required
We are informing you about a critical vulnerability in FortiClient EMS (CVSS 9.1) for which an essential update is required. This vulnerability could impact environments where FortiClient EMS is currently in use.
FortiClient – update required
We would like to inform you of a necessary update regarding FortiClient and FortiClient EMS that may impact environments where these solutions are currently being used.
HPE Aruba CX switches
Critical vulnerability (CVSS 9.8) in Aruba AOS-CX switches. Find out which versions are affected and what update is needed to secure your network.
FortiSandbox CVE-2025-52436
FortiSandbox has a security issue in older versions. Update to 5.0.2+ or 4.4.8+. For PaaS, the fix is available in 4.4.8 and 5.0.5.
Administrative FortiCloud SSO authentication bypass - CVE-2026-24858
A flaw in FortiCloud SSO allows an attacker to use their own FortiCloud account to log into other people's devices, resulting in full admin access.
Fortinet Vulnerabilities 12/2025
Fortinet has confirmed a critical vulnerability within FortiProxy and FortiSwitch Manager, potentially impacting multiple Fortinet products. This vulnerability could allow attackers to gain unauthorised access to vulnerable systems.
FortiWeb relative path traversal CVE-2025-64446
A serious vulnerability in FortiWeb, a solution from manufacturer Fortinet, has been discovered and should be patched as soon as possible.
NetScaler (Citrix) Vulnerabilities 08/2025
Citrix has reported three serious vulnerabilities in NetScaler. VanRoey is proactively rolling out the update to protect customers immediately and mitigate the impact.
N-central Vulnerabilities 08/2025
N-able has fixed two serious vulnerabilities in N-central. VanRoey is proactively rolling out the update to protect customers immediately and limit the impact.
SharePoint Vulnerability 07/2025
Microsoft recently discovered two critical vulnerabilities in on-premises SharePoint Servers.
Ruckus Vulnerability 07/2025
Several Ruckus network products, including ZoneDirector and SmartZone, have a vulnerability that needs to be fixed quickly.
VMware ESXi Vulnerabilities 07/2025
Four actively exploited zero-day vulnerabilities in multiple VMware products were addressed with key patches.
Critical vulnerabilities in VMware vCenter Server
VMware released a critical security update on 16 May 2025 (VMSA-2025-0010). This advisory contains three vulnerabilities that primarily impact vCenter Server and VMware Cloud Foundation.