US EditionProduct Security Advisory and Analysis: Observed Abuse of FG-IR-19-283
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.5 Articles
5 Articles
The Hacker News
cybernoz.comFortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
Fortinet on Wednesday said it observed "recent abuse" of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations. The vulnerability in question is CVE-2020-12812 (CVSS score: 5.2), an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to log in successfully without being prompted for the second factor of authentication if the
Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283
This blog analysis describes the observed abuse and provides additional context so that administrators can confirm that they are not impacted and guidance based on Fortinet observations to prevent FG-IR-19-283 from being exploited. This article has been indexed from PSIRT Blog Read the original article: Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283 The post Product Security Advisory and Analysis: Observed Abuse of …
An attacker can bypass restrictions of FortiOS, via Insufficient Session Expiration, in order to gain user privileges. View online : https://vigilance.fr/vulnerability/...
An attacker can circumvent FortiAnalyzer's restrictions, via Concurrent Execution, in order to obtain the privileges of a user. See online: https://vigilance.fr/vulnerability/...
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium