Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Fortinet still has SSH backdoor security issues on its devices

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

January 25, 2016

Network security firm Fortinet has admitted today that many more of its networking devices have the SSH backdoor that was found hardcoded into FortiOS, with FortiSwitch, FortiAnalyzer and FortiCache all vulnerable to potential hackers.

On January 21, a Python script emerged that could allow anyone to get administrator-level access to some of Fortinet's firewall devices using hardwired logins.

Fortinet explained Thursday that this wasn't a backdoor as such, but a "management authentication issue," but without saying more.

At the time, the company said that equipment using FortiOS versions 4.3.0 to 4.3.16 and 5.0.0 to 5.0.7 were all affected.

The last of these builds was released in July 2014 and fully patched systems using up-to-date software would be fine, Fortinet asserted.

But that's not the full story. "Following this recent SSH security issue, Fortinet’s Product Security Incident Response team, in coordination with our engineering and QA teams, undertook an additional review of all of our Fortinet products," said the company.

"During this security review, we discovered the same vulnerability issue on some versions of FortiSwitch, FortiAnalyzer and FortiCache. These versions have the same management authentication issue that was disclosed in legacy versions of FortiOS," the company added.

Now the security risk list includes FortiAnalyzer versions 5.0.5 to 5.0.11 and 5.2.0 to 5.2.4, FortiSwitch versions 3.3.0 to 3.3.2, FortiCache 3.0.0 to 3.0.7 (but branch 3.1 is not affected) along with equipment running FortiOS 4.1.0 to 4.1.10, 4.2.0 to 4.2.15, 4.3.0 to 4.3.16, and the builds 5.0.0 to 5.0.7.

In all cases, the issue can be sorted by updating to the latest firmware builds. But don't delay: hackers are rapidly closing in on the backdoor management authentication issue.

"Looking at our collected SSH data, we've seen an increase in scanning for those devices in the days since the revelation of the security vulnerability," said Jim Clausing, a security analyst with the SANS Institute.

"Nearly all of this scanning has come from two IPs in China ( and So if you haven't already applied security patches and put ACLs/firewall rules in front of these devices limiting access to SSH from only specific management IPs, you have probably already been scanned and are at risk," Fortinet asserted.

Source: Fortinet.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer