Improper Authentication in Fortinet FortiOS
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-12812 |
| CWE-ID | CWE-287 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #1 is being exploited in the wild. |
| Vulnerable software |
FortiOS Operating systems & Components / Operating system |
| Vendor | Fortinet, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Improper Authentication
EUVDB-ID: #VU30135
Risk: Medium
CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2020-12812
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests in SSL VPN. A remote authenticated attacker can changed the case of their username and gain unauthorized access to the application without being prompted for the second factor of authentication (FortiToken).
MitigationInstall updates from vendor's website.
Vulnerable software versionsFortiOS: 6.0.0 - 6.4.0
CPE2.3- cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
https://fortiguard.com/psirt/FG-IR-19-283
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
