PSIRT Advisories

FortiOS - RSA SSH host key lost at shutdown

Summary

A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS may allow an unauthenticated attacker to perform a man in the middle attack.

Affected Products

At least
FortiOS version 7.2.0
FortiOS version 7.0.1 through 7.0.6
FortiOS version 6.4.0 through 6.4.9
FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy 2.0 all versions
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions

Solutions

Please upgrade to FortiOS version 7.2.2 or above
Please upgrade to FortiOS version 7.0.8 or above
Please upgrade to FortiOS version 6.4.10 or above

Please upgrade to FortiProxy version 7.2.2 or above
Please upgrade to FortiProxy version 7.0.8 or above

Acknowledgement

Fortinet is pleased to thank Samuel Leslie for bringing this issue to our attention under responsible disclosure.