- Filter by Date
- 2021
- 6 January
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
- 2014
- 2013
- 2012
- 2021
- Filter by Risk
-
17
-
38
-
145
-
62
-
11
-
17
- Filter by Affected Product
January
(6)
Refine Search
PSIRT Advisories
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
An Uncontrolled Resource Consumption vulnerability in multiple products may allow an attacker to cause web service portal denial...
FortiAnalyzer
5.6, 6.0, 6.2
FortiAP
6.0, 6.2
FortiManager
5.6, 6.0, 6.2
FortiOS
6.0, 6.2
FortiSwitch
6.0, 6.2
Feb 03, 2020
Risk
IR Number: FG-IR-19-013
A privilege escalation vulnerability in FortiClient for Linux may allow a user with low privilege to run root system commands,...
Makers of popular WiFi hacking tool hashcat have discovered a way to improve password brute-forcing of the WPA/WPA2 wifi network...
An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in...
A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access...
A hard-coded password vulnerability in the FortiSIEM database component may allow attackers to access the device database via...
An improper neutralization of input during web page generation in FortiAuthenticator Agent for Outlook Web Access may allow an...
Multiple vulnerabilities, referred to as Dragonblood, exist in WiFi WPA3 standard implementation .Dragonblood vulnerabilities...
Two improper access control vulnerabilities in FortiMail admin webUI may allow administrators to perform privileged functions...
A Host Header Redirection vulnerability exists in FortiOS SSL-VPN web portal: when an attacker submits specially crafted HTTP...
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge...
TCP SACK panic attack- Linux Kernel Vulnerabilities- CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479
CVE-2019-11477:The Linux kernel is vulnerable to an integer overflow in the 16 bit width of TCP_SKB_CB(skb)->tcp_gso_segs. A...
Failure to sanitize the error or message handling parameters in the SSL VPN web portal may allow an attacker to perform a Cross-site...
A heap buffer overflow vulnerability in the FortiOS SSL VPN web portal may cause the SSL VPN web service termination for logged...
A path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system...