WatchGuard published a new security vulnerability on December 18, 2025, which you absolutely must be aware of:
WatchGuard Firebox iked Out of Bounds Write Vulnerability (CVE-2025-14773)(WGSA-2025-00027) CVSS 9.3
FortiWeb: Path confusion vulnerability in GUI / CVSS:9.1
Fortinet published information about a new vulnerability in FortiWeb. Affected devices must have specific firmware patches and management interfaces accessible via the WAN. Patched already exist to fix the issue.
Remediation Steps if your FortiGate got Hacked or Attacked
Last Update: 06.02.2026 … or accessed from any unauthorized party. In some cases it’s not even necessary to hack a system to gain access to it. For example it may be enough to leak a configuration file to allow unauthorized system access. Fortunately, many cases of a suspected hack turn…
PAN Security Advisory CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
Palo Alto Networks discovered a vulnerability (CVE-2024-3400) with a CVSSv4.0 base score of 10 that impacts PAN-OS version 10.2+ with GlobalProtect enabled. We strongly recommend all to review the advisory for remediation steps. Are you affected? This vulnerability does not apply to you if any one of the following apply:…
CVE-2023-27997 – FortiOS & FortiProxy – Heap buffer overflow in sslvpn pre-authentication
Please note the vulnerabilities in Fortinet products published in June. In particular, we would like to mention the vulnerability in FortiOS, which affects SSLVPN access and poses a major threat with a CVSSv3 score of 9.2. Fortinet PSIRT: https://www.fortiguard.com/psirt/FG-IR-23-097CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27997 Affected are FortiOS versions 6.0 to 7.2. Fortinet has already…
New Fortinet Vulnerabilities (March 2023)
Most of you have already read about the latest release of Fortinet’s new PSIRT advisories. There are 15 new vulnerabilities for FortiOS and other products with severity level from low up to critical. We strongly recommend that you checkt the PSIRT advisories and update your Fortinet products to one of…
WatchGuard Launches PSIRT Page
WatchGuard’s Product Security Incident Response Team (PSIRT) has launched their public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact WatchGuard products or services. The published…
Exchange Hafnium Vulnerability March 2021
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange. Even though we, as Boll Engineering AG, are not associated in any way with the affected…
Upgrade your FortiMail now!
There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article. The problem here is not only the unauthorized access to the system, but also the change of the…
