Security news that informs and inspires

Fortinet Products Used Hardcoded Encryption Key


Eighteen months after researchers reported a vulnerability that allowed an attacker to passively monitor encrypted traffic flowing to and from several Fortinet security products, the company has released patches for the issue.

The weakness comes from the fact that Fortinet’s FortiGuard protocol has a hardcoded cryptographic key and uses the weak XOR encryption method to protect traffic. Any attacker or other party in a position to passively monitor the network traffic who knew the static key would be able to read any of the traffic going to affected appliance. The vulnerability is fixed in FortiOS versions 6.0.7 or 6.2.0, as well as the FortiClient 6.2.0 for Windows and 6.2.2 for macOS.

Fortinet’s security products provide a variety of capabilities, including antispam, antimalware, and web filtering. The use of the weak XOR encryption method coupled with a static key opens up the traffic to and from those appliances to simple eavesdropping. Some of the information sent to the Fortinet servers in the cloud from servers and clients includes the serial number of the product, which can allow an attacker to identify the type of server and client installed in a target network.

“This information allows an attacker who can passively monitor internet traffic to spy on users’ web surfing activity. In cases where SSL inspection is enabled, even the URLs of HTTPS-encrypted communication are sent via this protocol, effectively breaking the confidentiality of SSL/TLS,” the SEC Consult Vulnerability Lab advisory says.

“By intercepting and manipulating internet traffic an attacker can manipulate the responses for FortiGuard Web Filter, AntiSpam and AntiVirus features.”

Researchers with SEC Consult first reported the vulnerability to Fortinet in May 2018 and went through months of sporadic communications with the vendor as the company assessed the severity of the problem and developed fixes. The researchers provided a simple proof-of-concept Python script in the advisory that demonstrates the weakness.