RSA-CRT key leak under certain conditions
Summary
FortiOS now includes for all SSL libraries a countermeasure against Lenstra's fault
attack on RSA-CRT optimization when a RSA signature is corrupted.
Affected Products
FortiGate with the SSLVPN web portal feature configured.
Solutions
Upgrade to FortiOS 5.0.13 / 5.2.6 / 5.4.0
Â
As a workaround the SSLVPN web portal can be disabled