Managed IT Services, IT Security Services, Vulnerability Management and Remediation, Help Desk Support, IT Maintenance Services, Network Administration, Business Continuity Planning, Disaster Recovery Planning, Onsite and Offsite Data Backup, and Information Security Assessment
Fortinet has found that an SSH vulnerability may be more widespread than once thought. The company insisted that the flaw should not be considered a backdoor, and experts tended to agree.The flaw allowed a Python exploit script — posted earlier this month to the Full Disclosure mailing list — to gain administrative access via SSH by taking advantage of hardcoded login credentials on devices using FortiOS versions 4.3.0 to 4.3.16 and 5.0.0 to 5.0.7. Fortinet initially said that systems updated with builds released after July 2014 were not affected. A new investigation by Fortinet’s Product Security Incident Response team found that the vulnerability affects more versions of FortiOS than previously believed, as well as versions of FortiSwitch, FortiAnalyzer and FortiCache.