cve/2015/CVE-2015-1571.md

CVE-2015-1571

Description

The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the Fortinet_Factory certificate and private key. NOTE: FG-IR-15-002 says "The Fortinet_Factory certificate is unique to each device ... An attacker cannot therefore stage a MitM attack.

POC

Reference

• http://seclists.org/fulldisclosure/2015/Jan/125

Github

No PoCs found on GitHub currently.