Fortinet FortiOS and FortiProxy Weak Key Derivation Vulnerability Allowing Backup Decryption

Vulnerability

A vulnerability exists in Fortinet FortiOS versions 7.4.0 through 7.4.3, 7.2 (all versions), 7.0 (all versions), 6.4 (all versions), and FortiProxy versions 7.4.0 through 7.4.2, 7.2 (all versions), 7.0 (all versions), 2.0 (all versions). The issue is a weak key derivation: the password hashes used to protect backup files are computed with insufficient computational effort, which may allow a privileged attacker with a super-admin profile and CLI access to decrypt those backup files.

Impact

Exploitation of this vulnerability could lead to unauthorized decryption of backup files, allowing access to potentially sensitive information.

Remediation

FortiOS users should upgrade to version 7.4.4 or 7.2.9, depending on their current branch. FortiProxy users on 7.4 should upgrade to version 7.4.3. For the 7.2, 7.0, and 2.0 branches (all versions), users should migrate to a fixed release. Detailed upgrade instructions are available in Fortinet's upgrade tool.

Added: Apr 10, 2026, 3:00 PM
Updated: Apr 10, 2026, 3:00 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 3.0
remediation: 7.7
relevance: 0.0
threat: 0.1
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.