Use of hardcoded key in FortiSandbox
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-54027 |
| CWE-ID | CWE-321 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
FortiSandbox Server applications / DLP, anti-spam, sniffers |
| Vendor | Fortinet, Inc |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Use of Hard-coded Cryptographic Key
EUVDB-ID: #VU105616
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-54027
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to software uses a hard-coded cryptographic key for remote backup server password encryption. A local privileged user can gain access to backup files.
Install updates from vendor's website.
Vulnerable software versionsFortiSandbox: 3.0.5 - 5.0.0
CPE2.3- cpe:2.3:a:fortinet:fortisandbox:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:fortinet:fortisandbox:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:fortinet:fortisandbox:3.0.7:*:*:*:*:*:*:*
https://www.fortiguard.com/psirt/FG-IR-24-327
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
