Over 10,000 Fortinet firewalls remain exposed online and vulnerable to exploitation of a five-year-old critical 2FA bypass flaw, CVE-2020-12812. Cybercriminals and nation-state actors continue to exploit this vulnerability in ongoing attacks. #Fortinet #CVE2020-12812
Keypoints
- Over 10,000 vulnerable Fortinet firewalls are still exposed on the internet.
- The flaw CVE-2020-12812 affects FortiGate SSL VPNs and allows 2FA bypass via username case changes.
- Attackers are actively exploiting unpatched configurations, especially with LDAP enabled.
- Fortinet, CISA, and FBI have issued warnings about ongoing exploitation of this vulnerability.
- Recent attacks include nation-state actors exploiting multiple Fortinet vulnerabilities, including CVE-2020-12812.