PSIRT Advisory

FortiRecorder sets credentials of FortiCameras to static values

Summary

A Use of Hard-coded Credentials vulnerability in FortiRecorder may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of them, provided they are managed by a FortiRecorder device.

Impact

Authentication Controls Bypass

Affected Products

FortiRecorder all versions below 2.7.4

Solutions

Upgrade to FortiRecorder 2.7.4

Workarounds:

Deploy FortiCameras on a private, closed network dedicated to their connection with FortiRecorder.

Alternatively, use a firewall or the FortiCamera built-in access control to allow only trusted hosts to reach the FortiCameras.

Refer to the "Hardening security" section in your FortiRecorder's admin guide for guidance.
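The following is an added example, not Fortinet's code or tooling: a small audit script a defender could run against their own inventory to check the two points this advisory raises, whether a FortiRecorder is below the fixed 2.7.4 release, and whether a FortiCamera's allow-list admits hosts outside the network dedicated to the recorder. The inventory structure, device names, addresses and the trusted subnet are all constructed for illustration.

```python
"""Added example (not Fortinet's code): audit a constructed FortiRecorder/FortiCamera
inventory against the advisory. Flags recorders below the fixed release 2.7.4 and
cameras whose host allow-list is not confined to the dedicated recorder network.
The inventory layout, names and addresses below are assumptions for this example."""
import ipaddress

FIXED_VERSION = (2, 7, 4)  # advisory: all FortiRecorder versions below 2.7.4 are affected

# Constructed sample inventory (not real devices).
INVENTORY = {
    "recorders": [
        {"name": "rec-01", "version": "2.7.3"},
        {"name": "rec-02", "version": "2.7.4"},
    ],
    "cameras": [
        {"name": "cam-lobby", "allowed_hosts": ["10.50.0.10"]},
        {"name": "cam-dock", "allowed_hosts": ["10.50.0.10", "0.0.0.0/0"]},
    ],
}
# Constructed: the private network dedicated to the FortiRecorder connection.
TRUSTED_NETWORKS = ["10.50.0.0/24"]


def parse_version(text):
    """'2.7.3' -> (2, 7, 3); missing trailing components are treated as 0."""
    parts = [int(p) for p in text.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version):
    """True when the FortiRecorder version is below the fixed release."""
    return parse_version(version) < FIXED_VERSION


def untrusted_peers(allowed_hosts, trusted_networks):
    """Return allow-list entries that are not fully inside a trusted network."""
    trusted = [ipaddress.ip_network(n) for n in trusted_networks]
    findings = []
    for host in allowed_hosts:
        net = ipaddress.ip_network(host, strict=False)  # single IP -> /32 or /128
        inside = any(net.subnet_of(t) for t in trusted if t.version == net.version)
        if not inside:
            findings.append(host)
    return findings


def audit(inventory, trusted_networks):
    """Produce one finding string per recorder or camera that needs attention."""
    findings = []
    for rec in inventory["recorders"]:
        if is_affected(rec["version"]):
            findings.append(
                f"{rec['name']}: FortiRecorder {rec['version']} is below 2.7.4, upgrade"
            )
    for cam in inventory["cameras"]:
        bad = untrusted_peers(cam["allowed_hosts"], trusted_networks)
        if bad:
            findings.append(
                f"{cam['name']}: allow-list admits hosts outside the dedicated network: {bad}"
            )
    return findings


if __name__ == "__main__":
    for line in audit(INVENTORY, TRUSTED_NETWORKS):
        print(line)
```

Run as-is, the script reports rec-01 (still on 2.7.3) and cam-dock (its allow-list contains 0.0.0.0/0, so any host can reach it); rec-02 and cam-lobby produce no finding. The version check only covers the dotted numeric form shown in the advisory; adjust `parse_version` if your inventory records build suffixes.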

Acknowledgement

Fortinet is pleased to thank security researcher Aaron Blair for reporting this vulnerability under responsible disclosure, and the FortiGuard Lion Team for their help in addressing this issue.