More Fortinet products found with Secure Shell backdoors

Unintentional consequence of device management feature.

Several products from firewall vendor Fortinet contain code that allows remote access with full administrative privileges, thanks to a password hardcoded into the devices.

The revelation follows an advisory published earlier this month, warning that multiple versions of the FortiOS operating system were shipped with a Secure Shell service that allowed remote access for anyone who knew the password.

Fortinet is now urging customers to patch the affected systems.

According to Fortinet's product security incident response team, the remote access vulnerability is found in the following products:

  • FortiAnalyzer: 5.0.5 to 5.0.11 and 5.2.0 to 5.2.4 (branch 4.3 is not affected)
  • FortiSwitch: 3.3.0 to 3.3.2
  • FortiCache: 3.0.0 to 3.0.7 (branch 3.1 is not affected)
  • FortiOS 4.1.0 to 4.1.10
  • FortiOS 4.2.0 to 4.2.15
  • FortiOS 4.3.0 to 4.3.16
  • FortiOS 5.0.0 to 5.0.7
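
For administrators checking an estate against the list above, the following added example (not code from Fortinet or iTnews) compares a device inventory with the listed ranges. The CSV layout, hostnames and status labels are assumptions; the version ranges are transcribed from the list. Versions are compared numerically, because a plain string comparison would sort 5.0.11 before 5.0.5.

```python
import csv
import io

# Affected ranges (inclusive), transcribed from the product list in this article.
AFFECTED = {
    "fortianalyzer": [("5.0.5", "5.0.11"), ("5.2.0", "5.2.4")],
    "fortiswitch": [("3.3.0", "3.3.2")],
    "forticache": [("3.0.0", "3.0.7")],
    "fortios": [("4.1.0", "4.1.10"), ("4.2.0", "4.2.15"),
                ("4.3.0", "4.3.16"), ("5.0.0", "5.0.7")],
}

def parse_version(text):
    """Turn '5.0.11' into (5, 0, 11) so comparison is numeric, not lexical."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in parts)

def is_affected(product, version):
    """True if the version lies inside any listed range for the product."""
    v = parse_version(version)
    ranges = AFFECTED.get(product.strip().lower(), [])
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges)

def audit(inventory_csv):
    """Return [(hostname, status)] for rows of hostname,product,version."""
    results = []
    for row in csv.reader(io.StringIO(inventory_csv)):
        if len(row) < 3 or row[0].lstrip().startswith("#"):
            continue  # skip comments and malformed rows
        host, product, version = (field.strip() for field in row[:3])
        if product.lower() not in AFFECTED:
            status = "product-not-listed"
        else:
            try:
                status = "AFFECTED" if is_affected(product, version) else "not-in-range"
            except ValueError:
                status = "needs-review"  # version string could not be parsed
        results.append((host, status))
    return results

# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = """\
# hostname,product,version
fw-edge-01,FortiOS,5.0.7
fw-edge-02,FortiOS,5.0.8
faz-01,FortiAnalyzer,5.0.11
cache-01,FortiCache,3.1.0
fw-old-01,FortiOS,5.0.x
"""
```

A "not-in-range" result only means the version falls outside the ranges listed in this article; "needs-review" rows should be checked by hand.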

The company has denied that the remote access mechanism in its products constitutes a malicious "backdoor" that could be used for unauthorised user access.

Instead, the vulnerability is "an unintentional consequence of a feature that was designed with the intent of providing seamless access from an authorised FortiManager to registered FortiGate devices," Fortinet said.

Copyright © iTnews.com.au . All rights reserved.