Published on November 25th, 2019

FortiGuard Used Hardcoded Key, XOR to Encrypt Communications



Security researchers found that multiple security products from Fortinet use weak encryption and static keys to communicate with FortiGuard services in the cloud, such as AntiSpam, AntiVirus, and Web Filter.

An attacker capable of intercepting network traffic would have little trouble decrypting and modifying messages exchanged with FortiGuard servers.

XOR and static key

In a vulnerability report released today, SEC Consult Vulnerability Lab published details about the vulnerability, now tracked as CVE-2018-9195, along with proof-of-concept (PoC) code that demonstrates the validity of the findings.

The issue affects FortiOS before 6.0.7 or 6.2.0, FortiClient for Windows before 6.2.0, and FortiClient for Mac before 6.2.2; the fixed versions were released starting March 28, 2019. Fortinet announced the vulnerability on November 20.

Stefan Viehböck discovered the weakness on May 16, 2018, and disclosed it responsibly to Fortinet. He found that cloud communication was encrypted using an XOR cipher with the key embedded in the products.

The advisory from the pentesting company notes that an adversary exploiting this weakness could glean information that would help them build a better attack. They would be able to track users across the world, spy on their browsing, or obtain email data.

Plenty revealed via passive monitoring

Among the details that could be acquired through passive monitoring are the serial number of the Fortinet product installation (type and unique ID).

This would provide a better picture of the Fortinet solutions and FortiClient installations used by the target organization. In the case of the Web Filter feature, internet traffic would be revealed. Moreover, where SSL inspection is enabled, the same protocol would be used, "effectively breaking the confidentiality of SSL/TLS."

Although SEC Consult does not have more information on what is sent by the AntiSpam filter or the Antivirus component, they say that an attacker could intercept and manipulate internet traffic to change the responses for FortiGuard Web Filter, AntiSpam and AntiVirus features.
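The two weaknesses the article describes, a static key embedded in every product and an XOR cipher with no integrity check, can be shown on a toy message. The following is an added example, not SEC Consult's PoC or Fortinet's code; the key, message format and values are constructed stand-ins, and the HMAC at the end only illustrates the integrity property the scheme lacked (a real fix is TLS or an AEAD).

```python
import hashlib
import hmac

# Constructed stand-ins: not Fortinet's real key, message format or values.
STATIC_KEY = b"constructed-static-key"   # identical in every shipped install
REQUEST = b"SERIAL=FGT-CONSTRUCTED-0001;URL=example.invalid"
REPLY = b"SERIAL=FGT-CONSTRUCTED-0001;ACTION=block"

def xor_with_key(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def recover_key(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """ct XOR pt gives the key stream. With a static key, one predictable
    message (fixed header, known serial) unlocks every other message."""
    return bytes(c ^ p for c, p in zip(ciphertext, known_plaintext))

def splice(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Malleability: with no integrity check, an on-path party can turn a known
    plaintext substring into another of equal length without knowing the key."""
    patched = bytes(c ^ o ^ n for c, o, n in zip(ciphertext[offset:], old, new))
    return ciphertext[:offset] + patched + ciphertext[offset + len(old):]

def tag(message: bytes, mac_key: bytes) -> bytes:
    """The property the XOR scheme lacked: a MAC over the ciphertext so that a
    spliced message is rejected. Real deployments should use TLS or an AEAD."""
    return hmac.new(mac_key, message, hashlib.sha256).digest()

def verify(message: bytes, mac: bytes, mac_key: bytes) -> bool:
    return hmac.compare_digest(mac, tag(message, mac_key))

def demo() -> dict:
    ct_req = xor_with_key(REQUEST, STATIC_KEY)
    ct_rep = xor_with_key(REPLY, STATIC_KEY)
    # Passive observer: the request prefix is predictable, so the key falls
    # out, and the reply (same static key) decrypts with it.
    key = recover_key(ct_req, REQUEST[:len(STATIC_KEY)])
    # Active observer: flip "block" to "allow" in transit; no key needed.
    off = REPLY.index(b"block")
    forged = splice(ct_rep, off, b"block", b"allow")
    mac_key = b"constructed-mac-key"   # hypothetical, only for the HMAC demo
    return {
        "key_recovered": key == STATIC_KEY,
        "reply_decrypted": xor_with_key(ct_rep, key),
        "forged_reply": xor_with_key(forged, STATIC_KEY),
        "forgery_detected": not verify(forged, tag(ct_rep, mac_key), mac_key),
    }
```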

In the PoC from SEC Consult, a Python 3 script, the key has been removed to make it more difficult for a threat actor to attack an organization that has yet to update its Fortinet software.
