Fortinet Product Security Incident Response Team (PSIRT) Contact Form
Vulnerabilities in Fortinet PSIRT scope include any design or implementation issue that substantially affects the confidentiality or integrity of the product and/or impacts user security is likely to be in scope of PSIRT. Common examples include:
- Undisclosed device access methods
- Hardcoded or undocumented account credentials
- Undocumented traffic diversion
- Cross-site scripting
- Cross-site request forgery
- Mixed-content scripts
- Authentication or authorization flaws
- Server-side code execution bugs
- Bypass of security feature (Bypass of AV/IPS engine)
Fortinet considers such product behaviors to be serious vulnerabilities. Fortinet will address any issues of these nature with the highest priority and encourages all parties to report suspected vulnerabilities to the Fortinet PSIRT for immediate investigation. Internal and external reports of these vulnerabilities will be managed and disclosed under the terms of the Fortinet Security Vulnerability Policy.
Please report non-product issues related to our corporate website or other Fortinet internal systems such as email etc at: Fortinet Corporate Security Incident Response Team (CSIRT) Contact Form.