A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user βtunneluserβ by leveraging knowledge of the private key from another installation or a firmware image.