- Filter by Date
- 2021
- 8 01-2021
- 2021
- Filter by Severity
-
Filter by Affected Product
- All
- 2 FortiOS
- 1 FortiWeb
- 1 FortiDeceptor
- 1 FortiIsolator
- 0 FortiManager
- 0 FortiAnalyzer
- 0 FortiProxy
- 0 FortiMail
- 0 FortiADC
- 0 FortiPortal
- 0 FortiSandbox
- 0 FortiClientWindows
- 0 FortiWAN
- 0 FortiAuthenticator
- 0 FortiClientEMS
- 0 FortiSIEM
- 0 FortiWLC
- 0 FortiClientMac
- 0 FortiWLM
- 0 FortiNAC
- 0 FortiSOAR
- 0 FortiSwitch
- 0 FortiAP
- 0 FortiDDoS
- 0 FortiRecorder
- 0 FortiTester
- 0 FortiVoiceEnterprise
- 0 FortiAP-S
- 0 FortiAP-U
- 0 FortiAP-W2
- 0 FortiClientLinux
- 0 FortiEDR
- 0 FortiDDoS-F
- 0 FortiADCManager
- 0 FortiExtender
- 0 FortiNDR
- 0 FortiSIEMWindowsAgent
- 0 AscenLink
- 0 FortiAP-C
- 0 FortiAnalyzer-BigData
- 0 FortiCache
- 0 FortiClientiOS
- 0 FortiDDoS-CM
- 0 FortiTokenAndroid
- 0 FortiWebManager
- 0 Meru AP
- 0 AV Engine
- 0 FSSO Windows CA
- 0 FSSO Windows DC Agent
- 0 FortiClientAndroid
- 0 FortiCloud
- 0 FortiDB
- 0 FortiFone
- 0 FortiGuard
- 0 FortiOS-6K7K
- 0 FortiSDNConnector
- 0 FortiSwitchManager
- 0 FortiTokenIOS
- 0 FortiTokenMobileWP
- 0 FortiWAN-Manager
- 0 Meru Controller
All
Refine Search
PSIRT Advisories
Monthly PSIRT Advisories
- 2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate on port 80/443, it is not redirected to t...
An insufficient session expiration vulnerability in FortiIsolator may allow an attacker to reuse the unexpired admin user ...
An exposure of sensitive information to an unauthorized actor vulnerability in FortiGate may allow a remote authenticated ...
FortiOS
6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.10, 6.0.1, 6.0.0
Jan 04, 2021
Severity
Medium
IR Number: FG-IR-20-103
CVE-2020-29010
A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary...
Jan 04, 2021
Severity
Medium
IR Number: FG-IR-20-124
CVE-2020-29015
Medium
IR Number: FG-IR-20-124
CVE-2020-29015
A stack-based buffer overflow [CWE-121] vulnerability in FortiWeb may allow an unauthenticated attacker to overwrite the c...
FortiWeb
6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.3, 6.2.2, 6.2.1, 6.2.0
Jan 04, 2021
Severity
High
IR Number: FG-IR-20-125
CVE-2020-29016
A stack-based buffer overflow vulnerability in FortiWeb may allow a remote, unauthenticated attacker to crash the httpd da...
Jan 04, 2021
Severity
Medium
IR Number: FG-IR-20-126
CVE-2020-29019
Medium
IR Number: FG-IR-20-126
CVE-2020-29019
A format string vulnerability in FortiWeb may allow an authenticated, remote attacker to read the content of memory and re...
Jan 04, 2021
Severity
Medium
IR Number: FG-IR-20-123
CVE-2020-29018
Medium
IR Number: FG-IR-20-123
CVE-2020-29018
Multiple OS command injection vulnerabilities in FortiDeceptor management interface may allow an authenticated user to exe...
FortiDeceptor
4.0.0, 3.3.1, 3.3.0, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.2, 3.0.1, 3.0.0, 2.1.0, 2.0.0, 1.1.0, 1.0.1, 1.0.0
Jan 04, 2021
Severity
High
IR Number: FG-IR-20-177
CVE-2020-29017