Filter by Date
- 2020
  - 9 01-2020
Filter by Risk
- 0
- 2
- 5
- 2
- 0
Filter by Affected Product
- All
- 3 FortiSIEM
- 1 FortiAuthenticator
- 1 FortiOS

Filter by Date:

All

2020

January (9)

Filter by Risk Level:

All

Filter by Affected Product:

All

FortiSIEM (3)

FortiAuthenticator (1)

FortiOS (1)

Refine Search

PSIRT Advisories

Monthly PSIRT Advisories

2021: Sep, Aug, Jul, Jun, May, Apr, Mar, Feb, Jan
2020: Dec

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

Privilege escalation and DoS in FortiClient for Linux through local IPC socket

A privilege escalation vulnerability in FortiClient for Linux may allow a user with low privilege to run root system comma...

Jan 27, 2020 Risk

IR Number: FG-IR-19-238 CVE-2019-15711

PMKID attack on WPA/WPA2 WiFi networks

Makers of popular WiFi hacking tool hashcat have discovered a way to improve password brute-forcing of the WPA/WPA2 wifi n...

Jan 27, 2020 Risk

IR Number: FG-IR-18-199

FortiSIEM - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule...

FortiSIEM 5.2.5

Jan 27, 2020 Risk

IR Number: FG-IR-19-197 CVE-2019-17651

FortiSIEM default SSH key for the "tunneluser" account is the same across all appliances

A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH...

FortiSIEM 5.2.6

Jan 15, 2020 Risk

IR Number: FG-IR-19-296 CVE-2019-17659

FortiSIEM Database hard-coded Credentials

A hard-coded password vulnerability in the FortiSIEM database component may allow attackers to access the device database ...

FortiSIEM 5.2.5, 5.2.2, 5.2.1, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.1, 5.0.0, 4.9.0, 4.7.2, 4.10.0

Jan 13, 2020 Risk

IR Number: FG-IR-19-195 CVE-2019-16153

XSS vulnerability in FortiAuthenticator OWA Agent

An improper neutralization of input during web page generation in FortiAuthenticator Agent for Outlook Web Access may allo...

FortiAuthenticator 6.0.0

Jan 06, 2020 Risk

IR Number: FG-IR-19-104 CVE-2019-16154

Dragonblood vulnerabilities in WiFi WPA3 standard implementation

Multiple vulnerabilities, referred to as Dragonblood, exist in WiFi WPA3 standard implementation .Dragonblood vulnerabilit...

Jan 03, 2020 Risk

IR Number: FG-IR-19-107 CVE-2019-9494

FortiMail admin privilege escalation through improper user profile control

Two improper access control vulnerabilities in FortiMail admin webUI may allow administrators to perform privileged functi...

Jan 03, 2020 Risk

IR Number: FG-IR-19-237 CVE-2019-15707

FortiOS SSL VPN web portal Host Header Redirection

A Host Header Redirection vulnerability exists in FortiOS SSL-VPN web portal: when an attacker submits specially crafted H...

FortiOS 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0

Jan 03, 2020 Risk

IR Number: FG-IR-19-002 CVE-2018-13384

Refine RESET

PSIRT Advisories

Monthly PSIRT Advisories

Refine
RESET