Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

/in

Fortinet on Wednesday said it observed “recent abuse” of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations.
The vulnerability in question is CVE-2020-12812 (CVSS score: 5.2), an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to log in successfully without being prompted for the second factor of authentication if the

The Hacker News – ​Read More

OpenAI admits prompt injection is here to stay as enterprises lag on defens...OpenAI admits prompt injection is here to stay as enterprises lag on defensesCISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code ExecutionCISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code...