Format String Vulnerability in SSH username
There is a format string vulnerability in the SSH username handling when connecting to FortiOS 5.6.0 and lower, that may lead to memory corruption.
Execute unauthorized code or commands
FortiOS 5.6.0 and below
The following Fortinet products are NOT affected:
5.4 branch: not vulnerable
5.2 branch: not vulnerable
Upgrade to FortiOS 5.6.1 or above.
Workaround: Configure the trusthost feature to only allow trusted administrators to use SSH and deny others.
Fortinet thanks Simone Cardona for reporting this vulnerability.