Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Fortinet incident
617 views
Skip to first unread message
Hanno Böck
Jan 24, 2025, 4:06:01 AMJan 24
to dev-secur...@mozilla.org
Hi,
As many will likely have heard, there has been a leak of fortinet
configuration files posted to the Internet lately.
This leak also contains a large number of private keys that are
encrypted with a password, and the password is encrypted with a
publicly known static password. I had already written a blogpost about
this a few days ago, and have added some updates yesterday and today:
https://blog.hboeck.de/archives/908-Private-Keys-in-the-Fortigate-Leak.html
Many of those keys belonged to publicly trusted certificates, a smaller
number of them were unrevoked at the time of the incident. Also, the
data contained keys for Let's Encrypt ACME accounts.
I have reported all the certificates with affected private keys to the
responsible CAs for revocation, and have disabled the affected ACME
accounts.
--
Hanno Böck - Independent security researcher
https://itsec.hboeck.de/
https://badkeys.info/
As many will likely have heard, there has been a leak of fortinet
configuration files posted to the Internet lately.
This leak also contains a large number of private keys that are
encrypted with a password, and the password is encrypted with a
publicly known static password. I had already written a blogpost about
this a few days ago, and have added some updates yesterday and today:
https://blog.hboeck.de/archives/908-Private-Keys-in-the-Fortigate-Leak.html
Many of those keys belonged to publicly trusted certificates, a smaller
number of them were unrevoked at the time of the incident. Also, the
data contained keys for Let's Encrypt ACME accounts.
I have reported all the certificates with affected private keys to the
responsible CAs for revocation, and have disabled the affected ACME
accounts.
--
Hanno Böck - Independent security researcher
https://itsec.hboeck.de/
https://badkeys.info/
Reply all
Reply to author
Forward
0 new messages