PSIRT Advisories

FSSO Windows DC Agent [FSSO] Insecure communication between DC agent and Collector

Summary

An improper authentication vulnerability [CWE-287] in FSSO Collector may allow an unauthenticated user to bypass any firewall authentication rule and access the protected network by sending specially crafted UDP login notification packets.

Affected Products

Any FSSO DC Agent and Collector released with FOS 7.0.0 or below is impacted.
Any FSSO DC Agent and Collector released with FOS 6.4.5 or below is impacted.

Solutions

Upgrade the FSSO DC Agent and Collector to any version released with FOS 7.0.1 or above.
Upgrade the FSSO DC Agent and Collector to any version released with FOS 6.4.6 or above.

Acknowledgement

Fortinet is pleased to thank Cédric Moreau, Alexis La Goutte, Titouan Tarridec and Jerome Dupuis for reporting this issue under responsible disclosure.