PSIRT Advisory

Improper Authorization vulnerability in FortiADC

Summary

An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system.

Impact

Denial of Service

Affected Products

FortiADC version 5.3.4 and below.

Solutions

Please upgrade to FortiADC version 5.3.5 or above.

Acknowledgement

Fortinet is pleased to thank Danilo Costa from PBI for reporting this vulnerability under responsible disclosure.