CVE-2020-12812 FortiOS 2FA Bypass
Five-year-old two-factor authentication bypass flaw in FortiOS SSL VPN affecting perimeter security appliances worldwide, with 9,700+ unpatched instances exposed and active exploitation by threat actors confirmed

Fortinet FortiOS CVE-2020-12812: Five-Year-Old 2FA Bypass Affecting 9,700+ Exposed Firewalls Under Active Exploitation
A five-year-old 2FA bypass vulnerability in Fortinet FortiOS continues to plague enterprise perimeter security. Over 9,700 unpatched FortiGate instances remain exposed globally as of January 2026, with active exploitation confirmed. An attacker can bypass two-factor authentication by simply altering username case and exploiting misconfigured LDAP group authentication—a trivial technique that has already been leveraged by…
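The case-mismatch fall-through described above, with a log check for it, as an added sketch that is not Fortinet code and not part of the original page. It assumes the firewall compares local usernames case-sensitively while the LDAP directory does not; the event fields, function names and sample accounts are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample: local firewall accounts with 2FA enforced.
TWO_FACTOR_USERS = {"jsmith", "adavis"}

@dataclass(frozen=True)
class AuthEvent:            # hypothetical normalized VPN login record
    user: str               # username exactly as the client typed it
    success: bool
    second_factor: bool     # True if a token step was completed

def _folded(users):
    return {u.casefold() for u in users}

def auth_path(username, local_users, case_sensitive=True):
    """Simplified model: a local 2FA account is tried first; on a miss the
    login falls through to LDAP group authentication, which has no 2FA."""
    if case_sensitive:
        hit = username in local_users
    else:
        hit = username.casefold() in _folded(local_users)
    return "local+2fa" if hit else "ldap-group-only"

def classify(event, local_users):
    """Return 'bypass', 'probe' or None for one login event."""
    if event.user in local_users:
        return None                      # exact match: normal 2FA path
    if event.user.casefold() not in _folded(local_users):
        return None                      # not a variant of a 2FA account
    if event.success and not event.second_factor:
        return "bypass"                  # case variant got in without 2FA
    return "probe"                       # case variant seen, no confirmed bypass

def review(events, local_users=TWO_FACTOR_USERS):
    """List (username, verdict) for every event worth an analyst's time."""
    verdicts = ((e.user, classify(e, local_users)) for e in events)
    return [(user, v) for user, v in verdicts if v]

# Constructed events, not real firewall logs.
SAMPLE_EVENTS = [
    AuthEvent("jsmith", True, True),
    AuthEvent("JSmith", True, False),
    AuthEvent("ADAVIS", False, False),
    AuthEvent("bob", True, False),
]

if __name__ == "__main__":
    for name in ("jsmith", "JSmith"):
        print(name, "->", auth_path(name, TWO_FACTOR_USERS))
    print(review(SAMPLE_EVENTS))
```

To use the check on real data, map your own VPN authentication records onto the three `AuthEvent` fields and pass the list of 2FA-enforced local accounts as `local_users`.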
