- Filter by Date
- 2022
- 7 06-2022
- 2022
- Filter by Severity
-
Filter by Affected Product
- All
- 2 FortiAnalyzer
- 1 FortiOS
- 1 FortiManager
- 1 FortiSandbox
- 1 FortiClientWindows
- 1 FortiAP-U
- 1 FortiDDoS
- 1 FortiTokenAndroid
- 1 FortiTokenIOS
- 1 FortiTokenMobileWP
- 0 FortiWeb
- 0 FortiProxy
- 0 FortiMail
- 0 FortiADC
- 0 FortiPortal
- 0 FortiAuthenticator
- 0 FortiWAN
- 0 FortiNAC
- 0 FortiSIEM
- 0 FortiClientEMS
- 0 FortiSwitch
- 0 FortiWLC
- 0 FortiAP
- 0 FortiAP-W2
- 0 FortiClientMac
- 0 FortiRecorder
- 0 FortiSOAR
- 0 FortiTester
- 0 FortiAP-S
- 0 FortiVoiceEnterprise
- 0 FortiWLM
- 0 FortiDeceptor
- 0 AscenLink
- 0 FortiClientLinux
- 0 FortiDB
- 0 FortiEDR
- 0 Meru AP
- 0 FortiCache
- 0 FortiExtender
- 0 FortiADCManager
- 0 FortiAP-C
- 0 FortiIsolator
- 0 FortiSIEMWindowsAgent
- 0 FortiSwitchManager
- 0 FortiWAN-Manager
- 0 FSSO Windows CA
- 0 FortiClientAndroid
- 0 FortiClientiOS
- 0 FortiDDoS-CM
- 0 FortiNDR
- 0 FortiOS-6K7K
- 0 FortiWebManager
- 0 Meru Controller
- 0 SSL_VPN
- 0 AV Engine
- 0 FSSO (all dist.)
- 0 FSSO Windows DC Agent
- 0 FortiAnalyzer-BigData
- 0 FortiCloud
- 0 FortiDDoS-F
- 0 FortiExplorer Windows
- 0 FortiFone
- 0 FortiGuard
- 0 FortiPresence
- 0 FortiSDNConnector
- 0 FortiVoice
All
Refine Search
PSIRT Advisories
Monthly PSIRT Advisories
- 2023: May , Apr , Mar , Feb , Jan
- 2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
A path traversal vulnerability [CWE-22] in FortiAP-U CLI may allow an admin user to delete and access unauthorized files a...
FortiAP-U
6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.0
Jun 07, 2022
Severity
High
IR Number: FG-IR-22-109
CVE-2022-30301
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAuthenticator OWA Agent may ...
Jun 07, 2022
Severity
Medium
IR Number: FG-IR-22-021
CVE-2022-22304
Medium
IR Number: FG-IR-22-021
CVE-2022-22304
An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows may allow a local attacker to perfo...
FortiClientWindows
7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.10, 6.0.1, 6.0.0
Jun 07, 2022
Severity
High
IR Number: FG-IR-22-044
CVE-2022-26113
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API may allow an attacker who managed to retrie...
FortiDDoS
5.5.1, 5.5.0, 5.4.2, 5.4.1, 5.4.0, 5.3.1, 5.3.0, 5.2.0, 5.1.0
Jun 07, 2022
Severity
High
IR Number: FG-IR-22-071
CVE-2022-29060
An improper validation of certificate with host mismatch vulnerability [CWE-297] in FortiTokenMobile may allow an unauthen...
FortiTokenAndroid
5.0.3, 5.0.2, 4.5.0, 4.4.0, 4.3.0, 4.2.2, 4.2.1, 4.1.1, 4.0.1, 4.0.0, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0, 0.4.20, 0.4.10
FortiTokenIOS
5.2.0, 4.3.0, 4.2.0, 4.1.1, 4.1.0, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1
FortiTokenMobileWP
4.0.3, 3.0.1, 3.0.0
Jun 07, 2022
Severity
Medium
IR Number: FG-IR-21-024
CVE-2021-22131
An improper certificate validation vulnerability [CWE-295] in FortiOS, FortiAnalyzer, FortiManager, and FortiSandbox may a...
FortiAnalyzer
7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.10, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0
FortiManager
7.0.1, 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.10, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0
FortiSandbox
4.0.2, 4.0.1, 4.0.0, 3.2.4, 3.2.3, 3.2.2, 3.2.1, 3.2.0, 3.1.5, 3.1.4, 3.1.3, 3.1.2, 3.1.1, 3.1.0, 3.0.7, 3.0.6, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0
FortiOS
6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.14, 6.2.13, 6.2.12, 6.2.11, 6.2.10, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.16, 6.0.15, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10
Jun 07, 2022
Severity
Medium
IR Number: FG-IR-18-292
CVE-2022-22305
Security advisories were released affecting the version of Apache Airflow library used in some Fortinet products:
CVE-202...
FortiAnalyzer
7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0
Jun 07, 2022
Severity
Critical
IR Number: FG-IR-22-008
CVE-2020-13927