Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable FortiGate firewalls.
https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/
BleepingComputer
npub1pk…z6763
2025-12-29 11:16:18 UTC
Author Public Key
npub1pkrnqz97z2wckgmwglckccgg65eanvw3wpvuses7npqlvv6st06svz6763Seen on
wss://relay.momostr.pinkPublished at
2025-12-29 11:16:18 UTCEvent JSON
{
"id": "eca7b32b793a1beafee4c89024a2ade754594c9b5e94506532041c416d5d2f65",
"pubkey": "0d873008be129d8b236e47f16c6108d533d9b1d17059c8661e9841f633505bf5",
"created_at": 1767006978,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@BleepingComputer/115802569351033305",
"web"
],
[
"proxy",
"https://infosec.exchange/users/BleepingComputer/statuses/115802569351033305",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/BleepingComputer/statuses/115802569351033305",
"pink.momostr"
],
[
"-"
]
],
"content": "Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable FortiGate firewalls.\n\nhttps://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/",
"sig": "56d6102e23363e099bda5e358c445fea12f3a581c16dbefd6a68fa07164487b0b38675f6f991b29290c6373a75e03d2ab12c4997d50e08e99e32c5fa5e1835b9"
}