The vulnerability of the FortiDDoS software-defined security device, which stems from the use of a strictly encrypted cryptographic key, allows attackers to sign JWT tokens for various devices.

The vulnerability of the FortiDDoS software protection system against DDoS attacks is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability allows a malicious actor to sign JWT tokens for various devices remotely...