CVE

CVE-2019-6693

2field notes · 0digests

View all posts tagged #cve-2019-6693 →

Field notes

Analysis · May 8, 2026 · The Commentary Desk
Five critical Fortinet CVEs in 28 months is not a streak of bad luck
Three heap overflows, two auth bypasses, all pre-auth, all ransomware-linked. The pattern in FortiOS and FortiProxy is structural, and patching alone has not been enough to remove attacker access.
Analysis · May 6, 2026 · The Field Notes Desk
Fortinet encrypted your config backups with 'Mary had a littl' for six years
Every FortiGate encrypted config backups with the same AES key for years. Akira ransomware automated the decryption. Fortinet keeps shipping this class of bug.