PSIRT Advisories
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
An Improper Authorization vulnerability in the SSL VPN web portal may allow an unauthenticated attacker to change the password...
11 zero-day vulnerabilities (aka URGENT/11) were disclosed in the VxWorks® TCP/IP stack (IPnet): CVE-2019-12255 - TCP Urgent Pointer...
New types of side channel attacks impact most processors including Intel, AMD, ARM, etc. These attacks allow malicious userspace...
Failure to sanitize input in the SSL VPN web portal may allow an attacker to perform a reflected Cross-site Scripting (XSS) attack...
A Use of Hard-coded Credentials vulnerability in FortiRecorder may allow an unauthenticated attacker with knowledge of the aforementioned...
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive...
FortiOS Explicit Web Proxy by default allows non-standard HTTP traffic. FortiOS SSL/SSH Inspection Profile by default allows non-standard...
Multiple Fortinet products may be affected by the following Linux Kernel vulnerability: CVE-2016-10229 Linux Kernel ipv4/udp.c...
FortiOS by default enables TCP timestamp response, which may lead to information disclosure. The TCP timestamp response can be...
Certificates taken out of service could potentially be improperly re-used. Impact detail: Fortinet has already taken steps to mitigate...
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in FortiNAC admin webUI may allow an unauthenticated...
The URL part of the report message is not encoded in Fortinet FortiWeb which may allow an attacker to execute unauthorized code...
Server Message Block (SMB) 1.0 - a legacy file and print sharing protocol - has been deprecated by Microsoft due to multiple weaknesses...
Failure to sanitize the login redir parameter in the SSL-VPN web portal may allow an attacker to perform a Cross-site Scripting...
Failure to properly parse message payloads in the SSL VPN portal of FortiOS may allow a non-authenticated attacker to perform...