Fortinet has finally released security patches to remove the hardcoded SSH keys in Fortinet SIEM appliances. Andrew Klaus, a security specialist from Cybera, discovered a hardcoded public key that attackers can use to access the FortiSIEM Supervisor. The Fortinet devices share the same SSH key for the user tunneluser, and it is stored in plain text. Fortinet urges customers to install the patch for CVE-2019-17659, or to restrict access to the tunneluser port (19999).
Source: https://securityaffairs.co/wordpress/96885/hacking/fortinet-fortisiem-security-flaws.html
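A defender's check for the condition described above (the same SSH key for one account on every device), as an added example that is not from the article or from Fortinet. It assumes you have collected the `authorized_keys` content for the account from each appliance; the host names and key material below are constructed placeholders.

```python
import base64
import hashlib
from collections import defaultdict

KEY_TYPES = ("ssh-rsa", "ssh-ed25519", "ssh-dss", "ecdsa-sha2-")

def fingerprint(line):
    """Return the OpenSSH-style SHA256 fingerprint of one authorized_keys line, or None."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    fields = line.split()
    # Options (no-pty, command="...") may precede the key type, so scan for it.
    for i, field in enumerate(fields[:-1]):
        if field.startswith(KEY_TYPES):
            try:
                blob = base64.b64decode(fields[i + 1], validate=True)
            except ValueError:  # malformed base64: not a usable key line
                return None
            digest = hashlib.sha256(blob).digest()
            return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return None

def shared_keys(inventory):
    """Map fingerprint -> sorted hosts, for keys authorized on more than one host."""
    hosts_by_fp = defaultdict(set)
    for host, text in inventory.items():
        for line in text.splitlines():
            fp = fingerprint(line)
            if fp:
                hosts_by_fp[fp].add(host)
    return {fp: sorted(h) for fp, h in hosts_by_fp.items() if len(h) > 1}

# Constructed sample data: placeholder bytes stand in for real key blobs,
# and siem-a/b/c are hypothetical host names.
KEY_SHARED = base64.b64encode(b"constructed-shared-key").decode()
KEY_UNIQUE = base64.b64encode(b"constructed-unique-key").decode()
SAMPLE = {
    "siem-a": f"# tunneluser\nssh-rsa {KEY_SHARED} tunneluser@a\n",
    "siem-b": f'no-pty,command="/bin/false" ssh-rsa {KEY_SHARED} tunneluser@b\n',
    "siem-c": f"ssh-rsa {KEY_UNIQUE} tunneluser@c\n",
}

if __name__ == "__main__":
    for fp, hosts in shared_keys(SAMPLE).items():
        print(f"{fp} is authorized on {len(hosts)} hosts: {', '.join(hosts)}")
```

Any fingerprint reported on more than one host means a single private key opens that account on all of them, so those keys should be rotated per device or removed.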