• â–º Home
  • PSIRT

Refine
RESET


Filter by Date:
All
Filter by Risk Level:
All

PSIRT Advisories

The FortiGuard Labs Product Security Incident Response Team (PSIRT) continually test Fortinet hardware and software products, looking for vulnerabilities and weaknesses. Any such findings are fed back to Fortinet's development teams and serious issues are described along with protective solutions in the advisories below.

FortiSIEM default SSH key for the "tunneluser" account is the same across all appliances
A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access...
Jan 15, 2020 Risk IR Number: FG-IR-19-296
FortiOS SSL VPN web portal Host Header Redirection
A Host Header Redirection vulnerability exists in FortiOS SSL-VPN web portal: when an attacker submits specially crafted HTTP...
FortiGate 5.4, 5.6, 6.0
Jan 03, 2020 Risk IR Number: FG-IR-19-002
XSS vulnerability in FortiGate DHCP monitor page
An Improper Neutralization of Input vulnerability in the hostname parameter of a DHCP packet under DHCP monitor page may allow...
Nov 25, 2019 Risk IR Number: FG-IR-19-184
Use of a hard-coded cryptographic key to cipher sensitive data in configuration backup files
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with...
Nov 19, 2019 Risk IR Number: FG-IR-19-007
FortiOS admin privilege escalation via restoring configs
A privilege escalation vulnerability in FortiOS may allow admin users to elevate their profile to super_admin, via restoring modified...
Nov 14, 2019 Risk IR Number: FG-IR-17-053
Console window of FortiClient for Mac OS displays password in clear-text.
A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker  to read sensitive...
Nov 08, 2019 Risk IR Number: FG-IR-19-227
FortiOS DRBG unsufficient entropy
Part of FortiOS models by default suffer from insufficient entropy ("seed") in CTR DRBG random data software generator.Unsufficient...
Oct 18, 2019 Risk IR Number: FG-IR-19-186
Meltdown and Spectre class vulnerabilities
New types of side channel attacks impact most processors including Intel, AMD, ARM, etc. These attacks allow malicious userspace...
Aug 26, 2019 Risk IR Number: FG-IR-18-002
Multiple VPN applications insecurely store session cookies
The Missing Encryption Of Sensitive Data vulnerability in FortiClient may allow an attacker to access VPN session cookie from...
Apr 23, 2019 Risk IR Number: FG-IR-19-110
FortiManager Unencrypted Password Vulnerability
A cleartext transmission of sensitive information vulnerability in FortiManager may allow an unauthenticated attacker in a man...
Apr 23, 2019 Risk IR Number: FG-IR-18-051
FortiSIEM LDAP server password reflected in admin portal
An information exposure vulnerability in the admin portal of FortiSIEM may allow an authenticated admin to retrieve the LDAP server...
Mar 29, 2019 Risk IR Number: FG-IR-18-382
FortiClient NDIS Miniport Driver Null Pointer Dereference
There is a Null pointer dereference in the NDIS Miniport drivers in FortiClient on Windows, which may be leveraged by an unprivileged...
Jan 11, 2019 Risk IR Number: FG-IR-18-092
Read-only admins can obtain LDAP credentials configured in FortiGate using LDAP test connectivity feature
Fortigate's read-only admins are able to point a LDAP server connectivity test request to a rogue LDAP server instead of the configured...
Nov 16, 2018 Risk IR Number: FG-IR-18-157
VPNFilter botnet
On May 23, 2018, Talos disclosed in a blog post the discovery of a modular malware system they deemed "VPNFilter", affecting multiple...
Aug 27, 2018 Risk IR Number: FG-IR-18-106
Forgot password link doesn't expire after use
FortiCloud password reset link requested by the user takes one hour to expire even after password was changed successfully,...
Aug 24, 2018 Risk IR Number: FG-IR-18-074