The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.
The software does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Fortigate-1000c | Fortinet | - | - |
| Fortigate-100d | Fortinet | - | - |
| Fortigate-110c | Fortinet | - | - |
| Fortigate-1240b | Fortinet | - | - |
| Fortigate-200b | Fortinet | - | - |
| Fortigate-20c | Fortinet | - | - |
| Fortigate-300c | Fortinet | - | - |
| Fortigate-3040b | Fortinet | - | - |
| Fortigate-310b | Fortinet | - | - |
| Fortigate-311b | Fortinet | - | - |
| Fortigate-3140b | Fortinet | - | - |
| Fortigate-3240c | Fortinet | - | - |
| Fortigate-3810a | Fortinet | - | - |
| Fortigate-3950b | Fortinet | - | - |
| Fortigate-40c | Fortinet | - | - |
| Fortigate-5001a-sw | Fortinet | - | - |
| Fortigate-5001b | Fortinet | - | - |
| Fortigate-5020 | Fortinet | - | - |
| Fortigate-5060 | Fortinet | - | - |
| Fortigate-50b | Fortinet | - | - |
| Fortigate-5101c | Fortinet | - | - |
| Fortigate-5140b | Fortinet | - | - |
| Fortigate-600c | Fortinet | - | - |
| Fortigate-60c | Fortinet | - | - |
| Fortigate-620b | Fortinet | - | - |
| Fortigate-800c | Fortinet | - | - |
| Fortigate-80c | Fortinet | - | - |
| Fortigate-voice-80c | Fortinet | - | - |
| Fortigaterugged-100c | Fortinet | - | - |