PSIRT Advisory

SAM and LSAD remote protocols man in the middle vulnerability (Badlock)


The Security Account Manager Remote Protocol [MS-SAMR] and the Local Security Authority (Domain Policy) Remote Protocol [MS-LSAD] are both vulnerable to man in the middle attacks. These protocols are typically available on all Windows installations as well as every Samba server.


An MitM attacker could force a downgrade of the authentication level of the SAM and LSAD channels and impersonate an authenticated user.

Affected Products

All the Fortinet products are confirmed to be not affected.