The recent issue that was disclosed publicly was resolved and a patch was made available in July 2014 as part of Fortinet's commitment to ensuring the quality and integrity of their codebase. This was not a “backdoor” vulnerability issue but rather a management authentication issue. The issue was identified by Fortinet's Product Security team as part of their regular review and testing efforts.
After careful analysis and investigation, they were able to verify this issue was not due to any malicious activity by any party, internal or external.
If you are using:
You are not affected by this.
If you are affected by this, we recommends you immediately update your FortiOS product.
Please refer to the Product Security Advisory posted here http://www.fortiguard.com/advisory/fortios-ssh-undocumented-interactive-login-vulnerability for further information.