January 23, 2016
A recently identified backdoor in hardware sold by security company Fortinet has been found in several new products, many of which were running current software, the company warned this week.
The undocumented account with a hard-coded password came to light last week when attack code exploiting the backdoor was posted online. In response, Fortinet officials said it affected only older versions of Fortinet’s FortiOS software. The company went on to say the undocumented method for logging into servers using the secure shell (SSH) protocol was a “remote management” feature that had been removed in July 2014.
In a blog post published this week, Fortinet revised the statement to say the backdoor was still active in several current company products, including some versions of its FortiSwitch, FortiAnalyzer, and FortiCache devices. The company said it made the discovery after conducting a review of its products.