Cybercriminals are actively abusing a long-patched Fortinet FortiGate flaw from July 2020, slipping past two-factor authentication (2FA) on firewalls and potentially granting unauthorized access to VPNs and admin consoles.

Fortinet’s PSIRT team detailed the in-the-wild attacks in a recent blog post, urging admins to audit configurations immediately to avoid compromise.

news

Cybercriminals are actively abusing a long-patched Fortinet FortiGate flaw from July 2020, slipping past two-factor authentication (2FA) on firewalls and potentially granting unauthorized access to VPNs and admin consoles.

Fortinet’s PSIRT team detailed the in-the-wild attacks in a recent blog post, urging admins to audit configurations immediately to avoid compromise.