Unrated severityNVD Advisory· Published Nov 14, 2012· Updated Apr 29, 2026

CVE-2012-4948

Description

The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.

Affected products

Fortinet/Fortigate 1000c
cpe:2.3:h:fortinet:fortigate-1000c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 100d
cpe:2.3:h:fortinet:fortigate-100d:-:*:*:*:*:*:*:*
Fortinet/Fortigate 110c
cpe:2.3:h:fortinet:fortigate-110c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 1240b
cpe:2.3:h:fortinet:fortigate-1240b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 200b
cpe:2.3:h:fortinet:fortigate-200b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 20c
cpe:2.3:h:fortinet:fortigate-20c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 300c
cpe:2.3:h:fortinet:fortigate-300c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 3040b
cpe:2.3:h:fortinet:fortigate-3040b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 310b
cpe:2.3:h:fortinet:fortigate-310b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 311b
cpe:2.3:h:fortinet:fortigate-311b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 3140b
cpe:2.3:h:fortinet:fortigate-3140b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 3240c
cpe:2.3:h:fortinet:fortigate-3240c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 3810a
cpe:2.3:h:fortinet:fortigate-3810a:-:*:*:*:*:*:*:*
Fortinet/Fortigate 3950b
cpe:2.3:h:fortinet:fortigate-3950b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 40c
cpe:2.3:h:fortinet:fortigate-40c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 5001a Sw
cpe:2.3:h:fortinet:fortigate-5001a-sw:-:*:*:*:*:*:*:*
Fortinet/Fortigate 5001b
cpe:2.3:h:fortinet:fortigate-5001b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 5020
cpe:2.3:h:fortinet:fortigate-5020:-:*:*:*:*:*:*:*
Fortinet/Fortigate 5060
cpe:2.3:h:fortinet:fortigate-5060:-:*:*:*:*:*:*:*
Fortinet/Fortigate 50b
cpe:2.3:h:fortinet:fortigate-50b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 5101c
cpe:2.3:h:fortinet:fortigate-5101c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 5140b
cpe:2.3:h:fortinet:fortigate-5140b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 600c
cpe:2.3:h:fortinet:fortigate-600c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 60c
cpe:2.3:h:fortinet:fortigate-60c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 620b
cpe:2.3:h:fortinet:fortigate-620b:-:*:*:*:*:*:*:*
Fortinet/Fortigate 800c
cpe:2.3:h:fortinet:fortigate-800c:-:*:*:*:*:*:*:*
Fortinet/Fortigate 80c
cpe:2.3:h:fortinet:fortigate-80c:-:*:*:*:*:*:*:*
Fortinet/Fortigaterugged 100c
cpe:2.3:h:fortinet:fortigaterugged-100c:-:*:*:*:*:*:*:*
Fortinet/Fortigate Voice 80c
cpe:2.3:h:fortinet:fortigate-voice-80c:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/111708nvdThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/56382nvdThird Party AdvisoryVDB Entry
osvdb.org/87048nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000