PSIRT Advisory

FortiOS supports weak cipher suites when connecting to FortiGuard servers

Description

When connecting to a FortiGuard server via TLS, FortiOS 5.2.3/5.0.11 and below supports multiple weak cipher suites, including anonymous, export-grade and RC4 suites.
Although FortiGuard servers themselves only offer strong ciphers, an attacker in a man-in-the-middle position may leverage FortiOS' acceptance of weak ciphers to decrypt and tamper with the TLS connection.
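As an added illustration (not part of this advisory and not FortiOS code), the following Python audits an OpenSSL cipher-list string for the three suite classes named above and builds a client context that refuses them. The cipher string HARDENED_CIPHERS and the suite names in the demo are constructed examples, and the audit reflects whatever suites the local OpenSSL build can offer.

```python
"""Audit a TLS client's cipher list for anonymous, export-grade and RC4
suites, and build a client context that excludes them (added example)."""
import ssl

# Constructed hardened cipher-list string: HIGH (128-bit and stronger) already
# excludes export-grade suites; anonymous, null, RC4 and MD5 are excluded by name.
HARDENED_CIPHERS = "HIGH:!aNULL:!eNULL:!RC4:!MD5"


def weak_classes(suite_name: str) -> set:
    """Classes of weakness an OpenSSL-style suite name falls into
    (empty set means the suite is not flagged by this check)."""
    tokens = suite_name.upper().replace("_", "-").split("-")
    classes = set()
    if tokens[0] in ("ADH", "AECDH"):              # anonymous DH/ECDH: no server authentication
        classes.add("anonymous")
    if any(t.startswith("EXP") for t in tokens):   # export-grade (40/56-bit) suites
        classes.add("export")
    if "RC4" in tokens:                            # RC4 stream cipher
        classes.add("rc4")
    if "NULL" in tokens:                           # null encryption
        classes.add("null")
    return classes


def audit_cipher_list(cipher_string: str) -> dict:
    """Expand a cipher-list string with the local OpenSSL and return
    {suite_name: classes} for every offered suite that is weak."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)
    findings = {}
    for cipher in ctx.get_ciphers():
        classes = weak_classes(cipher["name"])
        if classes:
            findings[cipher["name"]] = classes
    return findings


def hardened_client_context() -> ssl.SSLContext:
    """Client context that verifies the server certificate and hostname
    and offers only HARDENED_CIPHERS, so a downgrade to a weak suite fails."""
    ctx = ssl.create_default_context()             # CERT_REQUIRED, system CA store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(HARDENED_CIPHERS)
    return ctx


if __name__ == "__main__":
    # Constructed suite names modelled on the classes named in the advisory.
    for name in ("ADH-AES128-SHA", "EXP-RC4-MD5", "ECDHE-RSA-RC4-SHA",
                 "ECDHE-RSA-AES128-GCM-SHA256"):
        print(f"{name:32} {sorted(weak_classes(name)) or 'ok'}")
    print("weak suites offered by hardened list:", audit_cipher_list(HARDENED_CIPHERS))
```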

Impact

Man-in-the-middle attack that could lead to traffic alteration or decryption

Affected Products

FortiOS 5.2.0 to 5.2.3
FortiOS 5.0.0 to 5.0.11

Solutions

FortiOS (including with FIPS-CC licenses) must be upgraded to 5.0.12 or 5.2.4.

Acknowledgement

Thanks to the Citrix Security Team.