PSIRT

FortiRecorder sets credentials of FortiCameras to static values

Summary

An Use of Hard-coded Credentials vulnerability in FortiRecorder may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.

Affected Products

FortiRecorder all versions below 2.7.4

Solutions

Upgrade to FortiRecorder 2.7.4

Workarounds:

Deploy FortiCameras on a private and closed network dedicated to the connection to FortiRecorder.

Alternatively, use a Firewall or FortiCamera built-in access control to only allow trusted hosts to access FortiCamera.

Refer to the "Hardening security" section in your FortiRecorder's admin guide for guidance.

Acknowledgement

Fortinet is pleased to thank security researcher Aaron Blair for reporting this vulnerability under responsible disclosure and FortiGuard Lion Team for the help of addressing this issue.

References

https://xor.cat/2019/08/05/fortinet-fortirecorder-hardcoded-password/

IR Number	FG-IR-19-185
Date	Aug 12, 2019
Severity	High
CVSSv3 Score	7.1
Impact	Authentication Controls Bypass
CVE ID	CVE-2019-6698
CVRF	Download

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

PSIRT

FortiRecorder sets credentials of FortiCameras to static values

Summary

Affected Products

Solutions

Acknowledgement

References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

PSIRT

FortiRecorder sets credentials of FortiCameras to static values

Summary

Affected Products

Solutions

Acknowledgement

References

Threat Intelligence
Center