Slashdot Mirror


SSH Backdoor Found In Fortinet Firewalls (arstechnica.com)

An anonymous reader writes: The IT community was shaken a few weeks ago when Juniper Networks firewalls were found to contain "unauthorized code" that seemed to enable a backdoor. Now, Fortinet firewalls have been found to contain an apparent SSH backdoor as well. "According to the exploit code, the undisclosed authentication works on versions 4.3 up to 5.0.7. If correct, the surreptitious access method was active in FortiOS versions current in the 2013 and 2014 time frame and possibly earlier, based on this rough release history. The weakness was eventually patched, but so far, researchers have been unable to locate a security advisory that disclosed the alternative authentication method or the hard-coded password." A spokesperson for Fortinet told El Reg, "This was not a 'backdoor' vulnerability issue but rather a management authentication issue."

3 of 71 comments

  1. Re:"management" = ??? by phantomfive · Score: 5, Insightful
    Here is their full quote:

    "This was not a 'backdoor' vulnerability issue but rather a management authentication issue. The issue was identified by our product security team as part of their regular review and testing efforts. After careful analysis and investigation, we were able to verify this issue was not due to any malicious activity by any party, internal or external."

    Their PR firm is earning its money today.

    --
    "First they came for the slanderers and i said nothing."
  2. Re: "management" = ??? by ZeroWaiteState · Score: 5, Interesting

    The fact that DoD (who is just one government among many) spent well over 9 figures on exploits means that government surveillance actually is the simplest explanation these days.

  3. LOL by JustAnotherOldGuy · Score: 5, Funny

    A spokesperson for Fortinet told El Reg, "This was not a 'backdoor' vulnerability issue but rather a management authentication issue."

    Later they said, "You didn't get 'pwned', you got 'haxored'...it's like, totally different, man."

    And just for the record, I'm not "eating a potato", I'm "utilizing a starch resource with a multi-pronged utensil!"

    --
    Just cruising through this digital world at 33 1/3 rpm...