All
Refine Search
PSIRT Advisories
The FortiGuard Labs Product Security Incident Response Team (PSIRT) continually test Fortinet hardware and software products, looking for vulnerabilities and weaknesses. Any such findings are fed back to Fortinet's development teams and serious issues are described along with protective solutions in the advisories below.
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN may allow an attacker to retrieve a logged-in...
A privilege escalation vulnerability in FortiClient for Linux may allow a user with low privilege to run root system commands,...
Makers of popular WiFi hacking tool hashcat have discovered a way to improve password brute-forcing of the WPA/WPA2 wifi network...
An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in...
A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access...
A hard-coded password vulnerability in the FortiSIEM database component may allow attackers to access the device database via...
Multiple vulnerabilities, referred to as Dragonblood, exist in WiFi WPA3 standard implementation .Dragonblood vulnerabilities...
Two improper access control vulnerabilities in FortiMail admin webUI may allow administrators to perform privileged functions...
A Host Header Redirection vulnerability exists in FortiOS SSL-VPN web portal: when an attacker submits specially crafted HTTP...