PSIRT Advisories
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
The pam.log file generated by FortiWLC contains authenticated users credentials (local admin and users authenticated against external...
FortiWLC runs a rsyncd server, historically used for High-Availability purpose. This server comes with a hardcoded account, which...
A vulnerability in FortiDDoS allows escalation of privilege via remote OS injection through crafted URLs sent to the GUI. The...
OpenSSL released an update in May 2016 to address two high and four low severity vulnerabilities.CVE-2016-2108; CVE-2016-2107;...
One of the processes in FortiClient stores VPN credentials unencrypted in memory. A malicious attacker who compromised the workstation...
FortWan 4.2.4 and below is exposed to cross site scripting, information leak and escalation of privilege vulnerabilities.CVE-2016-4965:...