#VU105616 Use of Hard-coded Cryptographic Key in FortiSandbox - CVE-2024-54027

Cybersecurity Help s.r.o.

Published: 2025-03-12

Vulnerability identifier: #VU105616

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-54027

CWE-ID: CWE-321

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
FortiSandbox
Server applications / DLP, anti-spam, sniffers

Vendor: Fortinet, Inc

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to software uses a hard-coded cryptographic key for remote backup server password encryption. A local privileged user can gain access to backup files.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

FortiSandbox: 3.0.5 - 5.0.0

External links
https://www.fortiguard.com/psirt/FG-IR-24-327

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Use of hardcoded key in FortiSandbox