Expert found a hardcoded SSH public key in Fortinet s Security Information and Event Management FortiSIEM that can be used by attackers to access to the Forti SIEM Supervisor. Fortinet published a security advisory for the issue that is tracked as CVE-2019-17659. The vulnerability could be exploited by hackers to trigger a confition of denial of service. The flaw affects Fortinets version 5.2.6 and below, the tech firm addressed it with the release of FortiSEM version 5.2.7.”]
Source: https://securityaffairs.co/wordpress/96649/security/hardcoded-ssh-key-fortinet.html