FortiOS, FortiAuthenticator - Disclosure of private keys corresponding to Apple (APNS) and Google (GCM) certificates

A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate and FortiAuthenticator may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem.
The potentially exposed private keys have been revoked, please upgrade to the versions provided in the solutions to support push proxy.

apple certificates cloud communication cwe disclosure exposed files filesystem fortigate fortinet fortios google google cloud information keys local may messaging notification party private private keys push notification secure communication sensitive information services solutions storage text upgrade vulnerability