• Filter by Date
  • Filter by Risk
  • Filter by Affected Product

PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

On FortiAuthenticator, a HTML page is returned to the user when the CSRF validation fails on referer mismatch. This page d...

May 29, 2018 Risk IR Number: FG-IR-18-059
A SSL VPN user logged in via the web portal can access internal FortiOS configuration information (eg: addresses) via spec...

May 18, 2018 Risk IR Number: FG-IR-17-231
An admin user with super_admin privileges can execute an arbitrary binary contained on an USB drive plugged to a FortiGate...

May 18, 2018 Risk IR Number: FG-IR-17-245
US-Cert published a document at https://www.us-cert.gov/ncas/alerts/TA17-075A which outlines some security flaws that may ...

May 16, 2018 Risk IR Number: FG-IR-17-160
FortiWLC included two hardcoded accounts which were used by Meru Access Points to report core dumps; these accounts had re...

May 04, 2018 Risk IR Number: FG-IR-17-274