Security News > 2024 > November > Fortinet VPN design flaw hides successful brute-force attacks

Fortinet VPN design flaw hides successful brute-force attacks

2024-11-21 14:38

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins. [...]

News URL

https://www.bleepingcomputer.com/news/security/fortinet-vpn-design-flaw-hides-successful-brute-force-attacks/

#attack #fortinet #VPN

Related news

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack (source)
48,000+ internet-facing Fortinet firewalls still open to attack (source)
IPany VPN breached in supply-chain attack to push custom malware (source)
Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
Massive brute force attack uses 2.8 million IPs to target VPN devices (source)
SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Fortinet		80	20	348	308	92	768

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.