Security equipment vendor Fortinet warns that its practice of including a hardcoded password in some of its products is much more extensive than it first believed. Fortinet is now warning that multiple versions of its FortiSwitch, FortiAnalyzer and FortiCache products also have hardcoded passwords. The U.S. Computer Emergency Response Team immediately issued a related alert for the vulnerability, classifying it as a “high severity” flaw. The company has released updates that patch the flaw for all affected devices. Experts warn that attackers have been actively targeting the password via SSH to gain full, remote access.”]
Source: https://www.cuinfosecurity.com/fortinet-finds-more-ssh-backdoors-a-8826