Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports ongoing exploitation of a five-year-old vulnerability in FortiOS SSL VPN, CVE-2020-12812, which allows bypassing two-factor authentication under specific configurations. Organizations are urged to update their systems and adjust settings to mitigate the risk of unauthorized access. #CVE202012812 #FortiOS

Key points

  • The vulnerability stems from improper case-sensitive user authentication matching in FortiOS SSL VPN.
  • Successful exploitation can allow threat actors to bypass two-factor authentication and access VPN or admin accounts.
  • Fortinet released patches in July 2020 and recommended configuration commands to disable username sensitivity and prevent attacks.
  • Exploitation requires specific conditions, including LDAP group memberships and local user entries with 2FA enabled.
  • Organizations should consider removing unnecessary LDAP groups and resetting credentials if unauthorized access is suspected.
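The exploitable precondition in the key points above is a local user entry that carries the 2FA requirement coexisting with an LDAP group membership for the same person, with the two compared inconsistently with respect to case. The following audit helper is an added example, not Fortinet's code, data model or log format: the inventory dictionaries, the `user="..."` log field and every account name are constructed for the demonstration, and the assumption that the directory side compares names case-insensitively is a simplification of the condition described, not a statement about FortiOS internals. It lists the local 2FA accounts that also appear in an LDAP group (the accounts to review), the LDAP groups not referenced by any VPN policy (candidates for removal), and successful logins whose username differs only in case from the configured local entry (a signal worth investigating).

```python
"""Audit helpers for the 2FA/LDAP precondition described above.

Added example, not Fortinet code. All data below is constructed."""
import re

# Constructed inventory (assumption: not a FortiOS configuration export).
LOCAL_USERS = {
    "alice": {"two_factor": True},
    "bob": {"two_factor": False},
    "svc-backup": {"two_factor": True},
}
LDAP_GROUPS = {
    "vpn-users": ["Alice", "bob", "carol"],   # note the differently-cased "Alice"
    "admins": ["svc-backup"],
}
VPN_POLICY_GROUPS = {"vpn-users"}  # groups actually referenced by SSL VPN policies

# Constructed log lines (assumption: not FortiOS log syntax).
LOGIN_LINES = [
    'date=2025-12-10 user="alice" group="vpn-users" action="ssl-login" status="success"',
    'date=2025-12-10 user="ALICE" group="vpn-users" action="ssl-login" status="success"',
    'date=2025-12-10 user="carol" group="vpn-users" action="ssl-login" status="success"',
    'date=2025-12-10 user="bob" group="vpn-users" action="ssl-login" status="failure"',
]


def normalize(name: str) -> str:
    """Canonical form used for the case-insensitive comparison modelled here."""
    return name.strip().lower()


def exposed_accounts(local_users: dict, ldap_groups: dict) -> list:
    """Local 2FA-enabled users that also appear (case-insensitively) in an LDAP group.

    These are the entries that satisfy the precondition in the advisory summary
    and should be reviewed first."""
    canonical_by_norm = {normalize(n): n for n in local_users}
    findings = []
    for group, members in ldap_groups.items():
        for member in members:
            canonical = canonical_by_norm.get(normalize(member))
            if canonical is None or not local_users[canonical]["two_factor"]:
                continue
            findings.append({
                "local_user": canonical,
                "ldap_member": member,
                "group": group,
                "case_mismatch": member != canonical,
            })
    return sorted(findings, key=lambda f: (f["group"], f["local_user"]))


def unused_groups(ldap_groups: dict, referenced_groups: set) -> list:
    """LDAP groups that no VPN policy references: candidates for removal."""
    return sorted(set(ldap_groups) - set(referenced_groups))


_USER_FIELD = re.compile(r'user="([^"]+)"')


def case_mismatch_logins(lines: list, local_users: dict) -> list:
    """Successful logins whose username differs only in case from a local entry."""
    canonical_by_norm = {normalize(n): n for n in local_users}
    hits = []
    for line in lines:
        if 'status="success"' not in line:
            continue
        m = _USER_FIELD.search(line)
        if not m:
            continue
        seen = m.group(1)
        canonical = canonical_by_norm.get(normalize(seen))
        if canonical is not None and seen != canonical:
            hits.append(seen)
    return hits


if __name__ == "__main__":
    for f in exposed_accounts(LOCAL_USERS, LDAP_GROUPS):
        print("review:", f)
    print("unreferenced LDAP groups:", unused_groups(LDAP_GROUPS, VPN_POLICY_GROUPS))
    print("case-mismatched logins:", case_mismatch_logins(LOGIN_LINES, LOCAL_USERS))
```

Running the script prints `alice` (matched via `Alice` in `vpn-users`, with a case mismatch) and `svc-backup` as the accounts to review, `admins` as an unreferenced group, and the `ALICE` login as the one worth a closer look. The normalization step is the point of the exercise: whichever comparison rule the VPN uses, the audit has to apply the same rule on both sides, or it will miss exactly the entries the bug class concerns.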

Read More: https://thehackernews.com/2025/12/fortinet-warns-of-active-exploitation.html