Advanced

Authentication Bypass at the Security Edge: What You Should Know

Once all required configuration changes were made, attackers established SSL VPN tunnels to the affected devices using the newly created or hijacked accounts.

MITRE's Common Weakness Enumeration database classifies this specific type of vulnerability as CWE-288: Authentication Bypass Using an Alternate Channel or Path.

In the case of FortiOS and FortiProxy, the alternate path is the Node.js WebSocket module.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

13 sections
  1. 1 Table of Contents
  2. 2 Module 1 — Understanding Authentication Bypass
  3. 3 Module 2 — CVE-2024-55591: The FortiOS / FortiProxy Vulnerability
  4. 4 Module 3 — Timeline of Events
  5. 5 Module 4 — Attack Chain Analysis
  6. 6 Module 5 — Exposure and Scale
  7. 7 Module 6 — Proof of Concept
  8. 8 Module 7 — Indicators of Compromise (IoCs)
  9. 9 Module 8 — Remediation and Mitigations
  10. 10 Module 9 — Threat Hunting
  11. 11 Module 10 — Proactive Security Best Practices
  12. 12 Quick Reference Summary
  13. 13 Primary References

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.