• Filter by Date
  • Filter by Risk
  • Filter by Affected Product

PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiWebManager 5.8.0 fails to check the admin password, granting access regardless the provided string.

Nov 22, 2017 Risk IR Number: FG-IR-17-248
There exists a persistent Cross-site Scripting (XSS) vulnerability on FortiWeb's webUI Certificate View page, which can be...

Nov 17, 2017 Risk IR Number: FG-IR-17-131
An old Infineon RSA library does not properly generate RSA key pairs, therefore enabling an attacker to potentially infer ...

Nov 03, 2017 Risk IR Number: FG-IR-17-249
A collection of Bluetooth implementation vulnerabilities known as "BlueBorne" has been released. These vulnerabilities col...

Nov 03, 2017 Risk IR Number: FG-IR-17-212
A reflected XSS vulnerability exists in FortiOS web proxy disclaimer response web pages, potentially  exploitable by an un...

Nov 03, 2017 Risk IR Number: FG-IR-17-168
FortiOS SSL Deep-Inspection may enable insecure renegotiation between TLS clients and servers that support secure renegoti...

Nov 03, 2017 Risk IR Number: FG-IR-17-137