A critical authentication bypass vulnerability in FortiGate devices enables threat actors to circumvent two-factor authentication (2FA) protections through case-sensitive username manipulation. The flaw, tracked as CVE-2020-12812, affects organizations with specific LDAP integration configurations and remains exploitable on unpatched systems. The vulnerability stems from FortiGate’s default case-sensitive username handling conflicting with LDAP directories that treat usernames […]

The post Unpatched FortiGate Security Flaw Allows Attackers to Bypass 2FA Controls appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/unpatched-fortigate-security-flaw/