PSIRT Advisory

Use of a hard-coded cryptographic key to cipher sensitive data in CLI configuration

Summary

Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiOS, FortiManager and FortiAnalyzer may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key.

Impact

Information Disclosure

Affected Products

CVE-2019-6693: FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below

(impacts all credential data of type "ENC" in FortiOS CLI configuration except the administrator's password)


CVE-2020-9289: FortiManager 6.2.3 and below

(impacts all credential data of type "ENC" in FortiManager CLI configuration)


CVE-2020-9289: FortiAnalyzer 6.2.3 and below

(impacts all credential data of type "ENC" in FortiAnalyzer CLI configuration)


If the CLI configuration is exposed (a typical example: a configuration willingly posted on a forum for troubleshooting purposes), the encrypted ENC type data can be decrypted to plaintext using this hard-coded cryptographic key. The same applies to the system backup file if it is not password protected.

Solutions

FortiOS:


In versions 5.6.11, 6.0.7 and 6.2.1 and above, administrators can choose to be prompted for a password, which is then used by FortiOS to encrypt sensitive data in the configuration file. The following steps enable this option:


# config system global
# set private-data-encryption enable /* disabled by default */
# end 


FortiManager:


Upgrade to FortiManager 6.2.4 or above and enable the following newly introduced CLI setting, to prompt for a user-defined cryptographic key; the user-defined key will then be used to cipher ENC type data in the configuration:


# configure system global
# set private-data-encryption enable /* disabled by default */
# end


FortiAnalyzer:


Upgrade to FortiAnalyzer 6.2.4 or above and enable the following newly introduced CLI setting, to prompt for a user-defined cryptographic key; the user-defined key will then be used to cipher ENC type data in the configuration:


# configure system global
# set private-data-encryption enable /* disabled by default */
# end


Workaround:


* Always use a password to protect the system configuration file when performing backups

* Until a fixed version is deployed and private-data-encryption is enabled, the impacted ENC type data in the CLI configuration, if exposed, should be considered "easy to decrypt" by potential attackers. Thus, avoid exposure of the configuration in unsafe and/or public channels (forums, etc.), or at minimum redact ENC values before sharing it.
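The exposure described above and the workaround list can be checked mechanically before a configuration leaves your hands. The following Python is an added example, not Fortinet's code: it parses a constructed FortiOS-style configuration (placeholder ENC blobs, no real ciphertext, and no decryption of anything), lists every ENC type value with its object path, applies the advisory's scoping rule (administrator password excluded on FortiOS, everything in scope on FortiManager and FortiAnalyzer), checks whether private-data-encryption is enabled under config system global, and redacts the blobs so the file can be shared for troubleshooting. The config-syntax handling and the assumption that an enabled private-data-encryption setting covers all ENC values in that file are the example's own.

```python
"""Find ENC-type credentials in a FortiOS-style CLI configuration.

Added example, not Fortinet's code. The config below is a constructed sample in
FortiOS CLI syntax; the ENC blobs are placeholders, not real ciphertext, and
nothing here decrypts anything.
"""
import re
from dataclasses import dataclass

# Constructed sample: FortiOS-like config shape with placeholder ENC blobs.
SAMPLE_CONFIG = """\
#config-version=FGT60E-6.0.6-FW-build0000-000000:opmode=0:vdom=0:user=admin
config system global
    set admintimeout 480
    set hostname "FGT-LAB"
end
config system admin
    edit "admin"
        set password ENC AK1placeholderAdminHash==
    next
end
config user local
    edit "vpnuser"
        set type password
        set passwd ENC U6lplaceholderUserPw==
    next
end
config user ldap
    edit "corp-ldap"
        set server "10.0.0.5"
        set username "cn=binduser,dc=corp,dc=example"
        set password ENC kX2placeholderLdapBind==
    next
end
"""


@dataclass(frozen=True)
class EncFinding:
    section: str    # innermost `config ...` block, e.g. "user ldap"
    entry: str      # innermost enclosing `edit "..."` name, "" if none
    attribute: str  # the `set` attribute carrying the ENC value
    line_no: int


_CONFIG = re.compile(r'^config\s+(.+)$')
_EDIT = re.compile(r'^edit\s+"?([^"]*)"?$')
_SET = re.compile(r'^set\s+(\S+)\s+(.+)$')
_ENC = re.compile(r'^ENC\s+\S+$')


def parse_config(text):
    """One pass over the config. Returns (ENC findings, private-data-encryption enabled?).

    A stack of [section, entry] frames attributes nested `config` blocks inside
    an `edit` entry to the right object (FortiOS nests them with `end`, not `next`).
    """
    stack, findings, pde_enabled = [], [], False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith('#'):
            continue
        if m := _CONFIG.match(line):
            stack.append([m.group(1).strip(), ""])
        elif m := _EDIT.match(line):
            if stack:
                stack[-1][1] = m.group(1)
        elif line == 'next':
            if stack:
                stack[-1][1] = ""
        elif line == 'end':
            if stack:
                stack.pop()
        elif m := _SET.match(line):
            attr, value = m.group(1), m.group(2).strip()
            section = stack[-1][0] if stack else ""
            entry = next((e for _, e in reversed(stack) if e), "")
            if section == 'system global' and attr == 'private-data-encryption':
                pde_enabled = (value == 'enable')
            if _ENC.match(value):
                findings.append(EncFinding(section, entry, attr, n))
    return findings, pde_enabled


def in_scope(findings, product):
    """Findings the advisory says the hard-coded key exposes.

    CVE-2019-6693 (FortiOS): every ENC value except the administrator password.
    CVE-2020-9289 (FortiManager, FortiAnalyzer): every ENC value.
    """
    if product == 'FortiOS':
        return [f for f in findings
                if not (f.section == 'system admin' and f.attribute == 'password')]
    return list(findings)


def redact(text):
    """Blank every ENC blob so the config can be shared for troubleshooting."""
    return re.sub(r'(\bENC\s+)\S+', r'\1<redacted>', text)


def share_check(text, product='FortiOS'):
    """What an exposed copy of this config gives an attacker under the advisory.

    Assumption (this example's own): when private-data-encryption is enabled, all
    ENC values in the file were ciphered with the user-defined key, not the
    hard-coded one, so nothing is counted as exposed.
    """
    findings, pde = parse_config(text)
    exposed = [] if pde else in_scope(findings, product)
    return {
        'enc_values': len(findings),
        'private_data_encryption': pde,
        'exposed_with_hardcoded_key': len(exposed),
        'exposed_paths': [f'{f.section} / {f.entry} / {f.attribute}' for f in exposed],
    }


if __name__ == '__main__':
    for key, val in share_check(SAMPLE_CONFIG, 'FortiOS').items():
        print(f'{key}: {val}')
    print(redact(SAMPLE_CONFIG))
```

Run it against a real backup (the plain-text form, not a password-protected one) before pasting it anywhere; a non-empty exposed_paths list with private_data_encryption False is exactly the situation the advisory warns about.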


Revision History:
11-19-2019 Initial Version
06-11-2020 Add FortiManager CVE-2020-9289
06-30-2020 Add FortiAnalyzer CVE-2020-9289

Acknowledgement

Fortinet is pleased to thank Bart Dopheide (bart.dopheide@axians.com) for reporting CVE-2019-6693, and the independent research team of Denis Kolegov, Maxim Gorbunov, Nikita Oleksov and Anton Nikolaev for reporting CVE-2019-6693 and CVE-2020-9289 under responsible disclosure.