FortiGate VPN Default Config Allows MitM Attacks

Posted by & filed under Security Alerts.

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle (MitM) attacks, according to researchers, where threat actors could intercept important data. According to the SAM IoT Security Lab, the FortiGate SSL-VPN client only verifies that the certificate used for client… Read more »