CVE-2022-30307: 
FortiOS vulnerability analysis and mitigation

A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS and FortiProxy was discovered and assigned CVE-2022-30307. The vulnerability was initially published on November 1, 2022, with a CVSSv3 score of 3.8 (Low severity). The affected products include FortiOS versions 7.2.0 and below, 7.0.1 through 7.0.6, 6.4.0 through 6.4.9, and multiple FortiProxy versions including 7.2.0-7.2.1, 7.0.0-7.0.7, and all versions of 2.0, 1.2, and 1.1. The vulnerability was responsibly disclosed by security researcher Samuel Leslie (Fortiguard PSIRT).

The vulnerability is classified as a key management error vulnerability that specifically affects the RSA SSH host key implementation in FortiOS and FortiProxy systems. The issue is tracked under CWE-320 classification and received a CVSSv3 score of 3.8, indicating low severity but still requiring attention. The technical nature of the vulnerability relates to improper access control mechanisms in the handling of RSA SSH host keys during system shutdown processes (Fortiguard PSIRT).

If successfully exploited, this vulnerability allows an unauthenticated attacker to perform man-in-the-middle attacks against affected systems. This could potentially lead to unauthorized interception of communications between clients and the FortiOS or FortiProxy systems (Fortiguard PSIRT, TheSecMaster).

Fortinet has released patches to address this vulnerability. Users are advised to upgrade to FortiOS version 7.2.2 or above, FortiOS version 7.0.8 or above, FortiOS version 6.4.10 or above, FortiProxy version 7.2.2 or above, or FortiProxy version 7.0.8 or above, depending on their current version (Fortiguard PSIRT).