Hard-Coded Cryptographic Key Vulnerability in Fortinet FortiSwitch
CVE-2023-37936

Currently unrated

Key Information:

Vendor: Fortinet
Status: FortiSwitch
Vendor: CVE Published:; 14 January 2025

Summary

A hard-coded cryptographic key in multiple versions of Fortinet FortiSwitch exposes the devices to potential exploitation. Attackers can execute unauthorized code or commands by sending crafted requests to affected versions. This vulnerability can compromise the integrity of the network and lead to unauthorized access, necessitating swift actions for mitigation and remediation.

References

https://fortiguard.com/psirt/FG-IR-23-260

Timeline

Vulnerability published
Jan 14, 2025