PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing sett...

FortiOS 6.0.2, 6.0.1, 6.0.0, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.10, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.1, 5.0.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.19, 4.3.18, 4.3.17, 4.3.16, 4.3.15, 4.3.14, 4.3.13, 4.3.12, 4.3.11, 4.3.10, 4.3.1, 4.3.0, 4.2.9, 4.2.8, 4.2.7, 4.2.6, 4.2.5, 4.2.4, 4.2.3, 4.2.2, 4.2.16, 4.2.15, 4.2.14, 4.2.13, 4.2.12, 4.2.11, 4.2.10, 4.2.1, 4.2.0, 4.1.9, 4.1.8, 4.1.7, 4.1.6, 4.1.5, 4.1.4, 4.1.3, 4.1.2, 4.1.11, 4.1.10, 4.1.1, 4.0.4, 4.0.3, 4.0.2, 4.0.1, 4.0.0
Apr 04, 2019 Risk IR Number: FG-IR-18-230 CVE-2018-13371
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox may allow an attacker to execute unauthorize...

FortiSandbox 2.5.2, 2.5.1, 2.5.0, 2.4.1, 2.4.0
Apr 03, 2019 Risk IR Number: FG-IR-18-024 CVE-2018-1356
An improper access control vulnerability in FortiClientMac may allow an attacker to affect the application's performance v...

FortiClientMac 6.0.4, 6.0.3, 6.0.2, 6.0.1
Apr 02, 2019 Risk IR Number: FG-IR-19-003 CVE-2019-5585
An information exposure vulnerability in the admin portal of FortiSIEM may allow an authenticated admin to retrieve the LD...

FortiSIEM 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.1, 5.0.0, 4.9.0, 4.10.0
Mar 29, 2019 Risk IR Number: FG-IR-18-382 CVE-2018-13378
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birt...

FortiCache 4.2.8, 4.1.1, 4.0.4, 4.0.3, 4.0.2, 4.0.1, 4.0.0, 3.1.1, 3.1.0, 3.0.8, 3.0.7, 3.0.6, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0, 2.3.7, 2.3.6, 2.3.5, 2.3.4, 2.3.3, 2.3.2, 2.3.1, 2.3.0, 2.2.4, 2.2.3, 2.2.2, 2.2.1, 2.2.0, 2.1.3, 2.1.2, 2.1.1, 2.1.0, 2.0.1, 2.0.0, 1.0.0, 0.4.10 FortiClientEMS 1.2.1, 1.0.2, 1.0.1, 1.0.0 FortiManager 6.0.2, 5.6.5 FortiAnalyzer 6.0.2, 5.6.5 FortiOS 5.4.1, 5.4.0, 5.2.9, 5.0.14 FortiSwitch 6.0.1, 3.6.7 FortiPortal 5.0.0
Feb 07, 2019 Risk IR Number: FG-IR-17-173 CVE-2016-2183
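The affected-version fields in these entries are flat, product-prefixed strings, and the versions inside them are ordered as text rather than numerically (the FG-IR-18-230 entry lists "5.4.2, 5.4.10, 5.4.1"), which makes a naive string comparison against a deployed release unreliable. The following Python is an added example, not code from Fortinet or from this page: it parses such a string into per-product version sets and answers the two questions an operator has when reading an advisory, whether an exact deployed release is listed and which listed release is the newest in a given branch. The sample strings are constructed excerpts of the FG-IR-17-173 and FG-IR-18-230 lists above, and the function names are this example's own.

```python
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# Constructed excerpts of two affected-version strings from this page
# (FG-IR-17-173 and FG-IR-18-230). The real lists are longer; these are
# enough to exercise the parser, including the text-ordered "5.4.2, 5.4.10".
AFFECTED_SWEET32 = (
    "FortiCache 4.2.8, 4.1.1, 4.0.4, 0.4.10 FortiClientEMS 1.2.1, 1.0.2 "
    "FortiManager 6.0.2, 5.6.5 FortiAnalyzer 6.0.2, 5.6.5 "
    "FortiOS 5.4.1, 5.4.0, 5.2.9, 5.0.14 FortiSwitch 6.0.1, 3.6.7 FortiPortal 5.0.0"
)
FORTIOS_EXCERPT = "FortiOS 6.0.2, 6.0.1, 6.0.0, 5.4.9, 5.4.8, 5.4.2, 5.4.10, 5.4.1, 5.4.0"

# A token is either a product name (starts with a letter, e.g. FortiClientEMS)
# or a dotted version number (two or more numeric components, e.g. 0.4.10).
TOKEN = re.compile(r"[A-Za-z][A-Za-z0-9]*|\d+(?:\.\d+)+")


def parse_version(s: str) -> Version:
    """'5.4.10' -> (5, 4, 10). Tuples compare numerically, so 5.4.10 > 5.4.9,
    whereas the strings compare the other way round ('5.4.10' < '5.4.9')."""
    return tuple(int(part) for part in s.strip().split("."))


def format_version(v: Version) -> str:
    return ".".join(str(n) for n in v)


def parse_affected(text: str) -> Dict[str, List[Version]]:
    """Split 'Product v, v Product v, ...' into {product: sorted unique versions}.
    Each version belongs to the most recent product name seen before it."""
    affected: Dict[str, List[Version]] = {}
    product: Optional[str] = None
    for tok in TOKEN.findall(text):
        if tok[0].isalpha():
            product = tok
            affected.setdefault(product, [])
        elif product is not None:
            affected[product].append(parse_version(tok))
    return {p: sorted(set(vs)) for p, vs in affected.items()}


def is_affected(affected: Dict[str, List[Version]], product: str, version: str) -> bool:
    """Exact-match lookup: advisories enumerate specific releases, so a version
    that is absent is 'not listed', not necessarily 'fixed'."""
    return parse_version(version) in affected.get(product, [])


def newest_affected(affected: Dict[str, List[Version]], product: str,
                    branch: Optional[str] = None) -> Optional[str]:
    """Newest listed release for a product, optionally restricted to a branch
    such as '5.4'. Uses numeric ordering, so 5.4.10 beats 5.4.9."""
    versions = affected.get(product, [])
    if branch is not None:
        prefix = parse_version(branch)
        versions = [v for v in versions if v[: len(prefix)] == prefix]
    return format_version(max(versions)) if versions else None


if __name__ == "__main__":
    sweet32 = parse_affected(AFFECTED_SWEET32)
    print(sorted(sweet32))                                  # products named in the entry
    print(is_affected(sweet32, "FortiOS", "5.4.1"))         # True
    print(is_affected(sweet32, "FortiOS", "5.4.2"))         # False (not listed)
    fortios = parse_affected(FORTIOS_EXCERPT)
    print(newest_affected(fortios, "FortiOS", "5.4"))       # 5.4.10, not 5.4.9
```

The lookup is deliberately exact-match: a release that is missing from the list may simply post-date the advisory, so "not listed" from this helper should be confirmed against the advisory's own fixed-version statement before it is read as "not affected". The branch query is the one that matters in practice, because a FortiOS 5.4.10 deployment is newer than 5.4.9 even though it sorts before it as text.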
There is a format string vulnerability in the SSH username handling when connecting to FortiOS 5.6.0, that may lead to mem...

FortiOS 5.6.0
Jan 11, 2019 Risk IR Number: FG-IR-18-018 CVE-2018-1352
There is a Null pointer dereference in the NDIS Miniport drivers in FortiClient on Windows, which may be leveraged by an u...

Jan 11, 2019 Risk IR Number: FG-IR-18-092 CVE-2018-9190
A researcher has disclosed several vulnerabilities against FortiClient for Windows, the combination of these vulnerabiliti...

Dec 22, 2018 Risk IR Number: FG-IR-18-108 CVE-2018-9191
An uninitialized memory buffer leak exists in FortiOS web proxy's disclaimer response web pages, potentially causing sensi...

FortiOS 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.12, 6.0.11, 6.0.10, 5.6.3, 5.6.2, 5.6.1, 5.4.7, 5.4.6, 5.2.15, 5.2.14, 5.2.13, 5.2.12
Nov 22, 2018 Risk IR Number: FG-IR-18-325 CVE-2018-13376
libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an S...

Nov 21, 2018 Risk IR Number: FG-IR-18-336 CVE-2018-10933
An attacker could send a DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is e...

FortiAnalyzer 5.6.0, 5.4.5
Nov 16, 2018 Risk IR Number: FG-IR-18-121 CVE-2018-13375
The FortiGate PPTP service reveals the serial number of the FortiGate in the hostname field defined in connection control setup packet...

FortiOS 6.0.1, 6.0.0, 5.6.7, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0
Nov 16, 2018 Risk IR Number: FG-IR-18-101 CVE-2018-13366
Two new attacks on IPsec IKE (Internet Key Exchange) were recently disclosed [1], involving multiple ways to perform attac...

Aug 27, 2018 Risk IR Number: FG-IR-18-214 CVE-2018-5389
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be poss...

Aug 27, 2018 Risk IR Number: FG-IR-17-302 CVE-2018-9192
On May 23, 2018, Talos disclosed in a blog post the discovery of a modular malware system they deemed "VPNFilter", affecti...

Aug 27, 2018 Risk IR Number: FG-IR-18-106