Bleeping Computer reports that hackers are exploiting an old vulnerability in FortiOS that can be used to get around the two-factor authentication (2FA) requirement.
The vulnerability, designated CVE-2020-12812, was patched back in July 2020, but five and a half years later, there are still at least 10,000 firewalls that have not been updated.
To be on the safe side, all users of FortiOS and Fortigate are therefore urged to install the latest updates as soon as possible.
This news brief originally appeared on ComputerSweden.
More Fortinet security news:
FortiGate firewall credentials being stolen after vulnerabilities discovered
Fortinet admins urged to update software to close FortiCloud SSO holes
No Responses