PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

There is a null pointer dereference in the NDIS Miniport drivers in FortiClient on Windows, which may be leveraged by an unprivileged...
Jan 11, 2019 Risk IR Number: FG-IR-18-092

FortiGate's read-only admins are able to point an LDAP server connectivity test request to a rogue LDAP server instead of the configured...
Nov 16, 2018 Risk IR Number: FG-IR-18-157

On May 23, 2018, Talos disclosed in a blog post the discovery of a modular malware system they deemed "VPNFilter", affecting multiple...
Aug 27, 2018 Risk IR Number: FG-IR-18-106

A FortiCloud password reset link requested by the user takes one hour to expire even after the password was changed successfully,...
Aug 24, 2018 Risk IR Number: FG-IR-18-074

An open redirect vulnerability exists in FortiAnalyzer and FortiManager when a user of the GUI is converting an HTML table to...
Jun 22, 2018 Risk IR Number: FG-IR-18-022

An improper access control vulnerability exists in FortiAnalyzer and FortiManager, whereby a regular user of the GUI can edit...
Jun 22, 2018 Risk IR Number: FG-IR-18-014

A potential Cross-site Scripting (XSS) vulnerability exists in FortiManager: displayed data is not sanitized when an administrator...
Jun 22, 2018 Risk IR Number: FG-IR-18-006

On FortiAuthenticator, an HTML page is returned to the user when the CSRF validation fails on referer mismatch. This page displays...
May 29, 2018 Risk IR Number: FG-IR-18-059

A new side-channel attack that takes advantage of the speculative execution feature of modern processors to recover data from...
Apr 03, 2018 Risk IR Number: FG-IR-18-067

The FortiOS web proxy disclaimer page is potentially vulnerable to an XSS attack, via maliciously crafted "Host" headers in user...
Jan 22, 2018 Risk IR Number: FG-IR-17-262

Intel recently released a security update (Intel-SA-00086), regarding Intel ME 11.x, SPS 4.0, and TXE 3.0 Intel products. The following...
Jan 04, 2018 Risk IR Number: FG-IR-17-271

Two XSS vulnerabilities were reported to us affecting FortiOS that can be exploited to load and run a remote (malicious) JavaScript...
Jun 15, 2017 Risk IR Number: FG-IR-17-127

FortiOS is subject to a Cross-Site Scripting vulnerability, due to an improperly sanitized parameter in a hidden CLI configuration...
May 17, 2017 Risk IR Number: FG-IR-17-057

The FortiAnalyzer and FortiManager WebUI accept a user-controlled input that specifies a link to an external site, and uses that...
Apr 26, 2017 Risk IR Number: FG-IR-17-014

An XSS vulnerability caused by the scrintf parameter input during Firewall Policy Creation can be exploited to load and run a...
Apr 19, 2017 Risk IR Number: FG-IR-17-017