PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

When the "VPN before logon" feature of FortiClient Windows is enabled (disabled by default), and when the server certifica...

Dec 13, 2017 Risk IR Number: FG-IR-17-070 CVE-2017-7344
An admin user with super_admin privileges (i.e. with a super_admin profile) may view the current sslvpn web portal session...

FortiOS 5.6.2, 5.6.1, 5.6.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0
Dec 08, 2017 Risk IR Number: FG-IR-17-172 CVE-2017-7738
Before Dec 5th, 2017, a Cross-Site-Scripting (XSS) vulnerability in forticloud.com on-demand sandbox GUI may have allowed ...

Dec 08, 2017 Risk IR Number: FG-IR-17-259