FortiGuard Labs Threat Research

The DUHK Vulnerability

By FortiGuard SE Team | October 24, 2017

There have been some news items floating around the Internet discussing a weakness in the ANSI X9.31 random number generator (RNG) known as DUHK (for Don't Use Hard-coded Keys) that had affected older FortiGate devices.

Like many other devices at the time, FortiOS 4.3.x used the ANSI X9.31 pseudorandom number generator to decrypt TLS/IPSec traffic. However, it was superseded by CTR_DRBG (Counter-mode Deterministic Random Byte Generator), which was recommended in NIST SP800-90. The switch to CTR_DRBG was implemented in FortiOS 5.0, which was released in April of 2014, long before the weakness in the ANSI X9.31 RNG was discovered.

An update was issued more than a year ago when the flaw was first announced to Fortinet. A PSIRT Advisory was issued advising all customers with devices that can’t run the newer versions of FortiOS to upgrade to 4.3.19, and for everyone else to migrate to FortiOS 5.0 and above. It is important to note that the 4.3.x FortiOS series that this flaw affects had already been designated End-of-Support when this flaw was discovered but Fortinet went ahead and released a fix with version 4.3.19 in order to protect organizations running older hardware.

Security tools and techniques are continually evolving, requiring vendors to issue patches and updates and for IT teams to implement patch management processes to ensure that devices running on their networks are protected.