- Filter by Date
- 2022
- 15 04-2022
- 2022
- Filter by Severity
-
Filter by Affected Product
- All
- 6 FortiWAN
- 3 FortiEDR
- 2 FortiClientLinux
- 1 FortiClientWindows
- 1 FortiWLC
- 1 FortiSOAR
- 0 FortiOS
- 0 FortiProxy
- 0 FortiManager
- 0 FortiAnalyzer
- 0 FortiWeb
- 0 FortiADC
- 0 FortiMail
- 0 FortiSandbox
- 0 FortiPortal
- 0 FortiAuthenticator
- 0 FortiNAC
- 0 FortiSIEM
- 0 FortiClientEMS
- 0 FortiClientMac
- 0 FortiAP
- 0 FortiTester
- 0 FortiAP-W2
- 0 FortiSwitch
- 0 FortiWLM
- 0 FortiRecorder
- 0 FortiVoiceEnterprise
- 0 FortiAP-S
- 0 FortiDeceptor
- 0 AscenLink
- 0 FortiAP-U
- 0 FortiDB
- 0 FortiDDoS
- 0 FortiCache
- 0 FortiExtender
- 0 Meru AP
- 0 FortiADCManager
- 0 FortiIsolator
- 0 FortiSIEMWindowsAgent
- 0 FortiTokenAndroid
- 0 FortiTokenIOS
- 0 FortiWAN-Manager
- 0 FSSO Windows CA
- 0 FortiAP-C
- 0 FortiClientAndroid
- 0 FortiClientiOS
- 0 FortiDDoS-CM
- 0 FortiSwitchManager
- 0 FortiWebManager
- 0 Meru Controller
- 0 SSL_VPN
- 0 FSSO (all dist.)
- 0 FSSO Windows DC Agent
- 0 FortiAnalyzer-BigData
- 0 FortiCloud
- 0 FortiDDoS-F
- 0 FortiExplorer Windows
- 0 FortiFone
- 0 FortiGuard
- 0 FortiNDR
- 0 FortiOS-6K7K
- 0 FortiPresence
- 0 FortiSDNConnector
- 0 FortiTokenMobileWP
- 0 FortiVoice
All
Refine Search
PSIRT Advisories
Monthly PSIRT Advisories
- 2023: May , Apr , Mar , Feb , Jan
- 2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux may allow an una...
FortiClientLinux
7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Apr 05, 2022
Severity
Medium
IR Number: FG-IR-21-232
CVE-2021-44167
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux may allow a...
FortiClientLinux
7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0
Apr 05, 2022
Severity
Medium
IR Number: FG-IR-21-226
CVE-2021-43205
An improper initialization [CWE-665] vulnerability in FortiClient (Windows) may allow a local attacker to gain administrat...
FortiClientWindows
7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.10, 6.0.1, 6.0.0
Apr 05, 2022
Severity
High
IR Number: FG-IR-21-238
CVE-2021-44169
An improper control of a resource through its lifetime [CWE-664] vulnerability in FortiEDR Collector may allow a privilege...
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors may all...
FortiEDR
5.0.2, 5.0.1, 5.0.0, 4.0.0
Apr 05, 2022
Severity
Medium
IR Number: FG-IR-22-018
CVE-2022-23440
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR may allow an unauthenticated attacker on the net...
FortiEDR
5.0.2, 5.0.1, 5.0.0, 4.0.0
Apr 05, 2022
Severity
High
IR Number: FG-IR-22-019
CVE-2022-23441
A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel Protocol of FortiWAN may ...
Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in FortiWAN Web GUI ma...
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN may allow an unaut...
Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter...
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiWAN may allow an attacker to...
A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN may allow an attacker who has previous...
An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC may allow a local and authenticated attacker to cra...
FortiWLC
8.6.2, 8.6.1, 8.6.0, 8.5.5, 8.5.4, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2, 8.4.1, 8.4.0, 8.3.3, 8.3.2, 8.3.1, 8.3.0, 8.2.7, 8.2.6, 8.2.5, 8.2.4, 8.1.3, 8.1.2, 8.0.6
Apr 05, 2022
Severity
Medium
IR Number: FG-IR-21-002
CVE-2021-26093
Two distinct spring project vulnerabilities where released recently with critical CVSS score and classified as zero-Day at...
FortiSOAR
7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1, 6.4.0
Apr 01, 2022
Severity
High
IR Number: FG-IR-22-072
CVE-2022-22965 and 2022-22963
A security advisory was released affecting  the version of OpenSSL library used in some Fortinet products:
CVE-2022-0...
Apr 01, 2022
Severity
High
IR Number: FG-IR-22-059
CVE-2022-0778
High
IR Number: FG-IR-22-059
CVE-2022-0778