PSIRT Advisories
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
On FortiAuthenticator, a HTML page is returned to the user when the CSRF validation fails on referer mismatch. This page displays...
A SSL VPN user logged in via the web portal can access internal FortiOS configuration information (eg: addresses) via specifically...
An admin user with super_admin privileges can execute an arbitrary binary contained on an USB drive plugged to a FortiGate, via...
US-Cert published a document at https://www.us-cert.gov/ncas/alerts/TA17-075A which outlines some security flaws that may be introduced...
FortiWLC included two hardcoded accounts which were used by Meru Access Points to report core dumps; these accounts had read/write...