Filter by Date
- 2022
  - 9 05-2022
  - 15 04-2022
  - 11 03-2022
  - 7 02-2022
- 2021
  - 41 12-2021
  - 21 11-2021
  - 7 10-2021
  - 12 09-2021
  - 21 08-2021
  - 18 07-2021
  - 16 06-2021
  - 3 05-2021
  - 4 04-2021
  - 4 03-2021
  - 4 02-2021
  - 8 01-2021
- 2020
  - 3 12-2020
  - 1 11-2020
  - 4 10-2020
  - 8 09-2020
  - 2 07-2020
  - 11 06-2020
  - 4 05-2020
  - 4 04-2020
  - 10 03-2020
  - 6 02-2020
  - 9 01-2020
- 2019
  - 1 12-2019
  - 11 11-2019
  - 4 10-2019
  - 3 09-2019
  - 5 08-2019
  - 6 07-2019
  - 2 06-2019
  - 4 05-2019
  - 7 04-2019
  - 1 03-2019
  - 1 02-2019
  - 2 01-2019
- 2018
  - 1 12-2018
  - 4 11-2018
  - 8 08-2018
  - 2 07-2018
  - 5 06-2018
  - 5 05-2018
  - 3 04-2018
  - 1 03-2018
  - 2 01-2018
- 2017
  - 3 12-2017
  - 6 11-2017
  - 8 10-2017
  - 1 09-2017
  - 2 08-2017
  - 2 07-2017
  - 2 06-2017
  - 2 05-2017
  - 12 04-2017
  - 2 02-2017
- 2016
  - 1 12-2016
  - 5 11-2016
  - 1 10-2016
  - 6 09-2016
  - 6 08-2016
  - 3 07-2016
  - 1 06-2016
  - 2 05-2016
  - 1 04-2016
  - 2 03-2016
  - 1 02-2016
  - 1 01-2016
- 2015
  - 2 12-2015
  - 2 09-2015
  - 6 07-2015
  - 1 06-2015
  - 2 05-2015
  - 3 04-2015
  - 2 03-2015
  - 5 02-2015
  - 1 01-2015
- 2014
  - 1 12-2014
  - 3 10-2014
  - 1 09-2014
  - 1 08-2014
  - 1 07-2014
  - 1 06-2014
  - 1 05-2014
  - 3 04-2014
  - 3 02-2014
  - 1 01-2014
- 2013
  - 1 12-2013
  - 1 11-2013
  - 1 07-2013
  - 1 06-2013
  - 1 05-2013
  - 1 01-2013
- 2012
  - 2 12-2012
  - 2 10-2012
  - 1 09-2012
  - 1 08-2012
  - 1 05-2012
  - 1 02-2012
Filter by Severity
- 26 Critical
- 102 High
- 248 Medium
- 78 Low
- 11 Informational
Filter by Affected Product
- All
- 69 FortiOS
- 38 FortiWeb
- 33 FortiManager
- 27 FortiAnalyzer
- 20 FortiProxy
- 19 FortiMail
- 18 FortiPortal
- 17 FortiSandbox
- 13 FortiClientWindows
- 11 FortiAuthenticator

Refine Search

PSIRT Advisories

Monthly PSIRT Advisories

2022: May , Apr , Mar , Feb
2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
2020: Dec

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

CVE-2014-8730 "Poodle for TLS" vulnerability

Dec 18, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-034 CVE-2014-8730

Multiple XSS vulnerabilities in FortiManager and FortiAnalyzer Web UI

Prior to version 5.0.7, the Web User Interface of FortiManager and FortiAnalyzer is vulnerable to multiple reflected Cross...

Oct 30, 2014 Severity light-circle-logo

High IR Number: FG-IR-14-033 CVE-2014-2334

FortiADC-E remote network access vulnerability

Oct 21, 2014 Severity light-circle-logo

Critical IR Number: FG-IR-14-032

SSL v3 "POODLE" Vulnerability

Oct 15, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-031 CVE-2014-3566

Remote Exploit Vulnerability in Bash - (Shellshock)

An exploit has been discovered in GNU Bourne Again Shell (Bash) versions 1.14.0 through 4.3. This vulnerability may allow...

FortiAnalyzer 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.10, 5.2.1, 5.2.0, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0 FortiAuthenticator 3.1.1, 3.1.0, 3.0.3, 3.0.0, 2.2.0, 2.1.0, 1.3.1, 1.3.0, 1.2.1, 1.2.0, 1.1.0, 1.0.0 FortiDB 5.1.1, 5.1.0, 5.0.0, 4.4.3, 4.4.2, 4.4.1, 4.4.0, 4.3.2, 4.0.1, 4.0.0, 3.2.7, 3.2.6, 3.2.5, 3.2.4, 3.2.3, 3.2.1, 0.4.10 FortiManager 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.10, 5.2.1, 5.2.0, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3.0, 4.2.9, 4.2.8, 4.2.7, 4.2.6, 4.2.5, 4.2.4, 4.2.2, 4.2.1, 4.2.0, 4.1.4, 4.1.3, 4.1.2, 4.1.1, 4.0.3, 4.0.2, 4.0.1, 4.0.0 FortiWLC 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2, 8.4.1, 8.4.0, 8.3.3, 8.3.2, 8.3.1, 8.3.0, 8.2.7, 8.2.6, 8.2.5, 8.2.4, 8.1.3, 8.1.2, 8.0.6, 8.0.5

Sep 25, 2014 Severity light-circle-logo

Critical IR Number: FG-IR-14-030 CVE-2014-6271

FortiGate Vulnerabilities in FortiManager Service

A temporary denial of service condition can be created using a specially crafted request sent to the FortiManager protocol...

Aug 19, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-006 CVE-2014-0351

FortiWeb Cross-Site Scripting Vulnerabilities

FortiWeb 5.0, 5.1 and 5.2.0 are vulnerable to multiple reflective cross-site scripting issues. Several parameters in the w...

Jul 10, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-012 CVE-2014-4738

Multiple Vulnerabilities in OpenSSL

The OpenSSL project released an advisory on June 5th, 2014, which describes the following vulnerabilities: SSL/TLS MITM v...

Jun 06, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-018 CVE-2014-0224

FortiWeb Cross-Site Request Forgery Vulnerability

Multiple CSRF vulnerabilities exist in the FortiWeb web administration console due to lack of CSRF token protection. This ...

May 02, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-013 CVE-2014-3115

Information Disclosure Vulnerability in OpenSSL (Heartbleed)

An information disclosure vulnerability has been discovered in OpenSSL versions 1.0.1 through 1.0.1f. This vulnerability m...

Apr 08, 2014 Severity light-circle-logo

Critical IR Number: FG-IR-14-011 CVE-2014-0160

FortiADC Cross-Site Scripting Vulnerability

The web administration interface on FortiADC D-series versions 3.2.0 and lower have a reflective cross-site scripting vuln...

Apr 03, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-004 CVE-2014-0331

FortiBalancer Remote SSH Vulnerability

A platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access...

Apr 02, 2014 Severity light-circle-logo

Critical IR Number: FG-IR-14-010 CVE-2014-2721 password issue

FortiWeb Multiple Vulnerabilities

FortiWeb 5.0.2 and lower are vulnerable to cross-site scripting (CVE-2014-1955), HTTP header injection (CVE-2014-1956) and...

Feb 13, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-13-009 CVE-2014-1955

FortiGate Cross-Site Scripting Vulnerability

FortiOS 5.0.5 and earlier versions contain a cross-site scripting vulnerability. The mkey parameter in the URL /firewall/...

Feb 03, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-003 CVE-2013-7182

FortiWeb Cross-Site Scripting Vulnerability

Fortiweb 5.0.3 and earlier versions contain a cross-site scripting vulnerability. The filter parameter in the URL "/user/...

Feb 03, 2014 Severity light-circle-logo

Medium IR Number: FG-IR-14-002 CVE-2013-7181

Network

Content and Endpoint

Application

Response

FortiNDR

FortiSandbox

FortiTester

Refine

PSIRT Advisories

Monthly PSIRT Advisories

News / Research

Network

Content and Endpoint

Application

Response

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC

FortiAnalyzer/FortiSIEM

FortiCWP

FortiWeb

FortiNDR

FortiSandbox

FortiTester

Threat Lookup

PSIRT

Resources

Refine

PSIRT Advisories

Monthly PSIRT Advisories