Vulnerabilities Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities The bugs could lead to arbitrary code execution, privilege escalation, or authentication rate-limit bypass. By Ionut Arghire | March 11, 2026 (8:10 AM ET) Flipboard Reddit Whatsapp Whatsapp Email Fortinet, Ivanti, and Intel on Tuesday rolled out security fixes for dozens of vulnerabilities, including high-severity bugs that could be exploited for arbitrary code execution, privilege escalation, or security protection bypasses. Fortinet announced patches for 22 security defects across its products, including high-severity flaws in FortiWeb, FortiSwitchAXFixed, FortiManager, and FortiClientLinux. The FortiWeb, FortiSwitchAXFixed, and FortiManager issues could be exploited by remote, unauthenticated attackers to bypass the authentication rate limit or execute unauthorized code or commands. The FortiClientLinux weakness, described as a Symlink following vulnerability, could allow local attackers to escalate their privileges to root. On Tuesday, Fortinet also addressed medium- and low-severity flaws that could lead to data tampering, security protection bypasses, arbitrary code execution, information disclosure, denial-of-service (DoS), arbitrary command execution, privilege escalation, or social engineering attacks. Fortinet made no mention of any of these vulnerabilities being exploited in the wild. Advertisement. Scroll to continue reading. Ivanti rolled out fixes for a high-severity security defect in Desktop and Server Management (DSM) before version 2026.1.1 that could allow attackers to elevate their privileges, noting that it is not aware of the flaw being exploited. Intel published an advisory describing nine vulnerabilities in the UEFI for some Intel reference platforms, including five high-severity bugs that could lead to local code execution, privilege escalation, and information disclosure. UEFI firmware updates were released for over 45 Intel processor models affected by these security defects. None of these appears to have been exploited in the wild. Related: ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric Related: Microsoft Patches 83 Vulnerabilities Related: Adobe Patches 80 Vulnerabilities Across Eight Products Related: SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities Escape Raises $18 Million to Automate Pentesting Recent Ivanti Endpoint Manager Flaw Exploited in Attacks ClickFix Attack Uses Windows Terminal to Evade Detection Internet Infrastructure TLD .arpa Abused in Phishing Attacks Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign Over 100 GitHub Repositories Distributing BoryptGrab Stealer ArmorCode Raises $16 Million for Exposure Management Platform Latest News OpenAI to Acquire AI Security Startup Promptfoo How to 10x Your Vulnerability Management Program in the Agentic Era Michelin Confirms Data Breach Linked to Oracle EBS Attack Quantro Security Emerges From Stealth With $2.5 Million in Funding ‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric Microsoft Patches 83 Vulnerabilities Adobe Patches 80 Vulnerabilities Across Eight Products Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Securing Fragile OT in an Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Virtual Event: Supply Chain Security and Third-Party Risk Summit March 18, 2026 Join the event where top security experts unpack the biggest software supply chain risks. Register People on the Move Ed Jennings has been appointed President and CEO at Darktrace. Ironscales has appointed Steven Malone as CSO and Amit Bluman as SVP of Research & Development. Synack has appointed Angela Heindl-Schober Chief Marketing Officer. More People On The Move Expert Insights How to 10x Your Vulnerability Management Program in the Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose a Critical Flaw in Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat as Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Security in the Dark: Recognizing the Signs of Hidden Information Security failures don’t always start with attackers, sometimes they start with missing truth. (Joshua Goldfarb) Flipboard Reddit Whatsapp Whatsapp Email