![]() ![]() The researchers set up a compromised IoT device that initiates MITM attack using ARP Poisoning, then Forticlient initiates VPN connection. We’ve searched and found over 200k vulnerable businesses in a matter of minutes.”Įxperts pointed out that the Fortigate SSL-VPN client only verifies that the CA was issued by Fortigate or by another trusted CA, this allows an attacker to present a certificate issued to a different Fortigate router to carry out a man-in-the-middle attack. “The Fortigate SSL-VPN client only verifies that the CA was issued by Fortigate (or another trusted CA), therefore an attacker can easily present a certificate issued to a different Fortigate router without raising any flags, and implement a Man-In-The-Middle attack. “Surprisingly (or not?), we quickly found that under default configuration the SSL VPN is not as protected as it should be, and is vulnerable to MITM attacks quite easily.” reads the analysis published by SAM Seamless Network. ![]() This choice could allow an attacker to present a valid SSL certificate and carry out man-in-the-middle (MitM) attacks on employees’ connections. The configuration of the VPN solutions is important to keep organizations secure and to avoid dangerous surprises.Īccording to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the Fortigate VPN solution with default settings. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |