PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

An improper authentication vulnerability in FortiMail and FortiVoiceEnterprise may allow a remote unauthenticated attacker...

FortiMail 6.2.2, 6.2.1, 6.2.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.10 FortiVoiceEnterprise 6.0.1, 6.0.0
Apr 27, 2020 Risk IR Number: FG-IR-20-045 CVE-2020-9294
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does...

FortiSwitch 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.0.7, 6.0.6, 6.0.5
Apr 23, 2020 Risk IR Number: FG-IR-19-224 CVE-2019-9506
An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perf...

FortiADC 5.4.0, 5.3.4
Apr 06, 2020 Risk IR Number: FG-IR-20-012 CVE-2020-6647
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform c...

FortiADC 5.3.4
Apr 06, 2020 Risk IR Number: FG-IR-20-013 CVE-2020-9286