PSIRT Advisories

RSA-CRT key leak under certain conditions


FortiOS now includes for all SSL libraries a countermeasure against Lenstra's fault
attack on RSA-CRT optimization when a RSA signature is corrupted.

Affected Products

FortiGate with the SSLVPN web portal feature configured.


Upgrade to FortiOS 5.0.13 / 5.2.6 / 5.4.0
As a workaround the SSLVPN web portal can be disabled