Firefox Translations of it says it was known vulnerability:<p>> <i>The malware found installed a ‘backdoor’ by using a known vulnerability in FortiGate devices. The publication of the MIVD therefore does not describe any new vulnerability in all FortiGate devices.</i><p>I could believe factory backdoors in Fortinet products, including bugdoors, but it's even easier to believe commonplace unintended software defects.<p>Edit: This comment was a response to the HN title "China spied on Dutch Cyber Intelligence through FortiGate backdoors (defensie.nl)". I thought people will tend to interpret "FortiGate backdoor" as meaning an intentional backdoor by the vendor/factory, when that's not what the article seemed to suggest.