Security News > 2024 > November > Fortinet VPN design flaw hides successful brute-force attacks

Fortinet VPN design flaw hides successful brute-force attacks

2024-11-21 14:38

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins. [...]

News URL

https://www.bleepingcomputer.com/news/security/fortinet-vpn-design-flaw-hides-successful-brute-force-attacks/

#attack #fortinet #VPN

Related news

Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost (source)
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials (source)
Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)
New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
VPN vulnerabilities, weak credentials fuel ransomware attacks (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Fortinet		77	15	314	277	81	687

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.