I thought they had a batch of fortigate hardware whose baked in keys got leaked and their response was to recommend that affected devices be removed from service, no update fix, no patch, just “stop using them, we can’t fix it”.
Sorry for not having more information on hand, I’m on mobile at the moment and the nist database is tough to navigate with fat thumbs.