SAM and LSAD remote protocols man in the middle vulnerability (Badlock)
The Security Account Manager Remote Protocol [MS-SAMR] and theLocal Security Authority (Domain Policy) Remote Protocol [MS-LSAD]are both vulnerable to man in the middle attacks. These protocols aretypically available on all Windows installationsas well as every Samba server.
An MitM attacker could force a downgrade of the authentication level of the SAM and LSAD channels and impersonate an authenticated user.
All the Fortinet products are confirmed to be not affected.