The latest news is really sad, and a big disappointment from Fortinet. A backdoor access has been noted and a simple python script has been published that shows howto exploit the access
Here's a snapshot from the FTNT blog
So if a security company can't get it right, that makes one wonder what else they are doing that we don't know about.
To mitigate this, we need to disable allowaccess for ssh or upgrade. If you must run ssh then use a non-Standard port or deploy a 2 tier access by deploying a sslvpn access 1st and then ssh allow on the ssl interface.
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
=( @ @ )=