SSH Weak Key Exchange Algorithm


A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks.

Affected Products

At least
FortiNAC-F version 7.2.0
FortiNAC version 9.4.0 through 9.4.1
FortiNAC version 9.2.0 through 9.2.6
FortiNAC version 9.1.0 through 9.1.8
FortiNAC version 8.8.0 through 8.8.11
FortiNAC version 8.7.0 through 8.7.6


Please upgrade to FortiNAC-F version 7.2.1 or above
Please upgrade to FortiNAC version 9.4.2 or above
Please upgrade to FortiNAC version 9.2.7 or above


Fortinet is pleased to thank KPN for bringing this issue to our attention under responsible disclosure.


2023-04-13: Initial publication