FortiEDR - Hardcoded AES key allows for full Collector compromise
Summary
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment.
Affected Products
FortiEDR version 5.0.0 through 5.0.2
FortiEDR 4.0 all versions
Solutions
Upgrade to FortiEDR version 5.0.3