PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiGate SSL VPN logs may display events of users in a different VDOM

An exposure of sensitive information to an unauthorized actor vulnerability in FortiGate may allow a remote authenticated attacker...

Jan 04, 2021 Risk

IR Number: FG-IR-20-103

FortiWeb is vulnerable to a blind SQL injection

A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL...

Jan 04, 2021 Risk

IR Number: FG-IR-20-124

Stack-Based Buffer Overflow vulnerability in FortiWeb

A stack-based buffer overflow vulnerability in FortiWeb may allow an unauthenticated, remote attacker to overwrite the content...

Jan 04, 2021 Risk

IR Number: FG-IR-20-125

FortiWeb is vulnerable to a buffer overflow

A stack-based buffer overflow vulnerability in FortiWeb may allow a remote, unauthenticated attacker to crash the httpd daemon...

Jan 04, 2021 Risk

IR Number: FG-IR-20-126

FortiWeb is vulnerable to a Format string vulnerability

A format string vulnerability in FortiWeb may allow an authenticated, remote attacker to read the content of memory and retrieve...

Jan 04, 2021 Risk

IR Number: FG-IR-20-123

FortiDeceptor is impacted by an OS command injection vulnerability

An OS command injection vulnerability in FortiDeceptor may allow a remote authenticated attacker to execute arbitrary commands...

Jan 04, 2021 Risk

IR Number: FG-IR-20-177

Refine RESET

PSIRT Advisories

Refine
RESET