PSIRT Advisory

SAM and LSAD remote protocols man in the middle vulnerability (Badlock)


The Security Account Manager Remote Protocol [MS-SAMR] and the Local Security Authority (Domain Policy) Remote Protocol [MS-LSAD] are both vulnerable to man-in-the-middle attacks. These protocols are typically available on all Windows installations as well as every Samba server.


An MitM attacker could force a downgrade of the authentication level of the SAM and LSAD channels and impersonate an authenticated user.

Affected Products

All Fortinet products are confirmed to be unaffected.