Fortinet is warning organizations about renewed exploitation of a five-year-old FortiOS vulnerability (CVE-2020-12812, originally disclosed as an SSL VPN authentication flaw) that lets an attacker who already holds a valid password log in without completing two-factor authentication. The flaw has been used by ransomware groups and state-sponsored actors, so devices still on affected FortiOS releases should be updated urgently. #CVE-2020-12812 #FortiOS
Key points
- The vulnerability stems from a case-sensitivity mismatch during authentication: FortiGate matches local user entries case-sensitively, while the LDAP directory (for example Active Directory) matches user names case-insensitively.
- An attacker who knows the password can submit the username in a different case (e.g. ALICE instead of alice). The login no longer matches the local user entry that enforces 2FA, so FortiGate falls back to LDAP group membership and grants access with the password alone.
- Exploitation requires a specific configuration: a local user with 2FA enabled that authenticates against an LDAP server, where the same account is also a member of an LDAP group that grants access without 2FA.
- Mitigation is to upgrade to a fixed FortiOS release (6.0.10, 6.2.4, 6.4.1 or later) and to disable the username-sensitivity setting so that the local user entry, and its 2FA requirement, matches regardless of case.
- Organizations should review user groups and remove secondary LDAP group memberships that are not needed, so that no password-only path exists for an account that is supposed to require 2FA.
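To make the bypass concrete, the following is an added example that models the login flow described in the key points as a small Python simulation. It is not Fortinet code and does not reproduce FortiOS internals; the user names, password, group name and the fixed one-time code standing in for a FortiToken check are all constructed. The model authenticates against local user entries first (case-sensitively when `username_sensitivity` is true, the vulnerable behaviour) and only then falls back to LDAP group membership, which carries no 2FA requirement.

```python
# Added example: simplified model of the CVE-2020-12812 login flow (not Fortinet code).
# All names, the password and the one-time code "492851" are constructed for illustration.
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class LocalUser:
    """A FortiGate 'remote' local user: password is checked by LDAP, 2FA is enforced here."""
    name: str
    two_factor: bool
    otp: str | None = None  # stand-in for the token; a real device verifies a TOTP/FortiToken


class LdapDirectory:
    """Active Directory-style directory: account and group lookups are case-insensitive."""

    def __init__(self, accounts: dict[str, str], groups: dict[str, set[str]]):
        self.accounts = {k.lower(): v for k, v in accounts.items()}
        self.groups = {g: {m.lower() for m in ms} for g, ms in groups.items()}

    def bind(self, username: str, password: str) -> bool:
        return self.accounts.get(username.lower()) == password

    def member_of(self, username: str, group: str) -> bool:
        return username.lower() in self.groups.get(group, set())


@dataclass
class UserGroup:
    """A FortiGate user group: local user entries first, then LDAP group memberships."""
    name: str
    local_users: list[LocalUser] = field(default_factory=list)
    ldap_groups: list[str] = field(default_factory=list)


def authenticate(username: str, password: str, otp: str | None, group: UserGroup,
                 ldap: LdapDirectory, username_sensitivity: bool = True) -> tuple[str, str]:
    """Return (decision, reason); decision is 'allow', 'need_2fa' or 'deny'.

    username_sensitivity=True models the vulnerable behaviour: the local user entry only
    matches when the case is identical. False models the mitigation (case-insensitive match).
    """
    if not ldap.bind(username, password):
        return ("deny", "first factor (LDAP bind) failed")

    # Step 1: local user entries, which carry the 2FA requirement.
    for u in group.local_users:
        matched = (u.name == username) if username_sensitivity else (u.name.lower() == username.lower())
        if matched:
            if u.two_factor and otp != u.otp:
                return ("need_2fa", f"matched local user {u.name!r}; token required")
            return ("allow", f"matched local user {u.name!r}; 2FA satisfied")

    # Step 2: fall back to LDAP group membership, which has no 2FA requirement.
    for g in group.ldap_groups:
        if ldap.member_of(username, g):
            return ("allow", f"matched LDAP group {g!r} without 2FA")

    return ("deny", "no matching local user or LDAP group")


# Constructed fixture: one account with 2FA that is also in a secondary LDAP group.
LDAP = LdapDirectory(accounts={"alice": "Spring2025!"}, groups={"CN=VPN-Users": {"alice"}})
VPN_GROUP = UserGroup(
    name="sslvpn_users",
    local_users=[LocalUser(name="alice", two_factor=True, otp="492851")],
    ldap_groups=["CN=VPN-Users"],  # the unnecessary secondary LDAP group
)


def demo() -> dict[str, tuple[str, str]]:
    pw = "Spring2025!"
    no_group = UserGroup(VPN_GROUP.name, VPN_GROUP.local_users, [])
    return {
        "exact_case_no_token": authenticate("alice", pw, None, VPN_GROUP, LDAP),
        "changed_case_no_token": authenticate("ALICE", pw, None, VPN_GROUP, LDAP),
        "mitigated_setting": authenticate("ALICE", pw, None, VPN_GROUP, LDAP, username_sensitivity=False),
        "mitigated_group_removed": authenticate("ALICE", pw, None, no_group, LDAP),
    }


if __name__ == "__main__":
    for case, (decision, reason) in demo().items():
        print(f"{case:24s} -> {decision:8s} ({reason})")
```

Running the block shows the four outcomes side by side: the exact-case login is held at the token prompt, the changed-case login is allowed through the LDAP group with only a password, and either mitigation (case-insensitive local matching, or removing the secondary group) closes the password-only path.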
Read More: https://www.securityweek.com/fortinet-warns-of-new-attacks-exploiting-old-vulnerability/