Fortinet FortiAnalyzer and FortiManager are enterprise network security solutions used by organizations to monitor and manage their networks. The vulnerability in question allows an authenticated admin to retrieve a certificate's private key via the device's admin shell, potentially leading to unauthorized access to sensitive data.
You're affected if you use A key management errors vulnerability. Affected versions: 7.2.5, 7.4.2 If you don't recognise this software, you're probably not affected.
Upgrade FortiAnalyzer 7.4.0 through 7.4.2 to 7.4.3 or above.
- Upgrade FortiAnalyzer 7.2.0 through 7.2.5 to 7.2.6 or above.
- Migrate to a fixed release for all other affected versions.
- For FortiOS, upgrade to 7.6.1 or above.
- For FortiOS 7.4.4, upgrade to 7.4.5 or above.
- For FortiOS 7.2.7, upgrade to 7.2.8 or above.
- For FortiOS 7.0.14, upgrade to 7.0.15 or above.
Immediate mitigations:
- Restrict network access to your FortiAnalyzer and FortiManager instances (firewall them from the public internet).
- Audit admin account activity for suspicious access patterns.
- Monitor for unauthorized token creation.