Affect versions from October 2022 to 2024
None of them is currently under active exploitation or publicly disclosed
Company advises users to upgrade their instances to the latest available version
The bug could allow an unauthenticated user to execute unauthorised commands via specifically crafted requests
Proof-of-concept exploit codes are available
Special attention called to Outlook issue under attack now
Vulnerability affecting FortiOS and FortiProxy, could allow remote code execution or DoS attacks
Miscreants could use the bug to launch remote code execution attacks
One zero-day is being actively exploited
Initial analysis indicates that the bug may not be as severe as Log4Shell