The DUHK attack targets an old vulnerability in the pseudorandom number generator ANSI X9.31, an algorithm widely used to generate the cryptographic keys that secure VPN connections and web browsing sessions. 23,000 devices running a vulnerable version of FortiOS 4.3.3 to 4.18 are vulnerable to DUHK attacks, and Fortigate fixed it by implementing CTR_DRBG from FortiOS. The vulnerability is symmetric, and any implementation that stores a fixed secret key in code or hardware is vulnerable to passive exploitation by an attacker.
Source: https://gbhackers.com/duhk-attack-decrypt-communications-vpn/
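
Why a fixed key leaves X9.31 with no secret state, as an added example that is not from the source article: each step computes I = E_K(T), R = E_K(I xor V), V' = E_K(R xor I), so with K known the seed V follows from a single output block and its timestamp. A toy Feistel cipher stands in for AES, and the key, seed and timestamps are constructed values, with the timestamps assumed known to the observer.

```python
import hashlib

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Feistel round function built from SHA-256 (toy construction).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def encrypt(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel permutation on 16-byte blocks; stands in for AES.
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def x931_step(key, seed, timestamp):
    # One X9.31 iteration: returns (output block R, next seed V').
    i = encrypt(key, timestamp)
    out = encrypt(key, _xor(i, seed))
    return out, encrypt(key, _xor(out, i))

def state_from_output(key, out, timestamp):
    # With K known, nothing else in the state is secret:
    # V = D_K(R) xor I and V' = E_K(R xor I).
    i = encrypt(key, timestamp)
    return _xor(decrypt(key, out), i), encrypt(key, _xor(out, i))

def demo():
    key = bytes(range(16))                               # constructed "hard-coded" key
    seed = hashlib.sha256(b"device seed").digest()[:16]  # constructed secret seed
    t1 = (1508716800000000).to_bytes(16, "big")          # constructed timestamps,
    t2 = (1508716800000250).to_bytes(16, "big")          # assumed known to the observer
    out1, seed2 = x931_step(key, seed, t1)               # device emits out1
    out2, _ = x931_step(key, seed2, t2)                  # device emits out2
    rec_seed, rec_next = state_from_output(key, out1, t1)
    predicted, _ = x931_step(key, rec_next, t2)
    return rec_seed == seed, predicted == out2

if __name__ == "__main__":
    print(demo())
```

CTR_DRBG, the replacement named above, derives its internal key from entropy at instantiation, so there is no key to read out of the firmware image.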

