PSIRT Advisories

FortiSIEM - plaintext storage of sensitive data in Windows Agent

Summary

A plaintext password storage vulnerability [CWE-256] in the FortiSIEM Windows Agent may allow an authenticated user to impersonate the agent registered to the Supervisor by reading specific log files.

Affected Products

FortiSIEM Windows Agent version 4.1.4 and below.
FortiSIEM Windows Agent version 4.0.0.
FortiSIEM Windows Agent version 3.3.0.
FortiSIEM Windows Agent version 3.2.2 and below.
FortiSIEM Windows Agent version 3.1.2 and below.

Solutions

Upgrade to FortiSIEM Windows Agent version 4.1.5 or above.

Acknowledgement

Internally discovered and reported by Oleksii Mandrychenko and Damnjan Nikolic of the Fortinet TAC team.