Refine
RESET


Filter by Date:
All
Filter by Risk Level:
All
Filter by Affected Product:
All

PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiManager - Excel formula injection in P&O IPv4 Policy names Vulnerability
An improper neutralization of formula elements vulnerability (CWE 1236) in FortiManager may allow a local authenticated pr...
FortiManager 6.4.3, 6.2.7
Sep 07, 2021 Risk IR Number: FG-IR-20-190 CVE-2021-24016
FortiManager & FortiAnalyzer - HTTP response splitting vulnerability
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability In FortiManager and...
FortiAnalyzer 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiManager 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0
Aug 03, 2021 Risk IR Number: FG-IR-21-063 CVE-2021-32598
Multiple Products - Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification (FragAttacks)
On May 11th, 2021, Mathy Vanhoef (New York University Abu Dhabi) published a new paper, Fragment and Forge: Breaking Wi-Fi...
Jun 01, 2021 Risk IR Number: FG-IR-21-071 CVE-2020-26139
FortiGate & FortiADC - Read-only admins can obtain the LDAP credentials configured in the FortiGate and FortiADC using the LDAP test connectivity feature
FortiGate's and FortiADC's  read-only admins are able to point an LDAP server connectivity test request to a rogue LDAP se...
Jun 01, 2021 Risk IR Number: FG-IR-18-157 CVE-2018-13374
FortiAuthenticator - Hard-coded cryptographic keys used to encrypt sensitive data
Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator may allow an at...
FortiAuthenticator 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Jun 01, 2021 Risk IR Number: FG-IR-20-049 CVE-2021-24005
Read-only admins can obtain LDAP credentials configured in FortiGate using LDAP test connectivity feature
Fortigate's read-only admins are able to point a LDAP server connectivity test request to a rogue LDAP server instead of t...
FortiADC 6.1.0, 6.0.2, 6.0.1, 6.0.0, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0 FortiOS 6.0.2, 6.0.1, 6.0.0, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0
Jun 01, 2021 Risk IR Number: FG-IR-18-157 CVE-2018-13374
FortiGate fails to block malformed HTTP/S traffic when transparent proxy is enabled
When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate on port 80/443, it is not redirected to t...
FortiOS 6.2.4
Jan 21, 2021 Risk IR Number: FG-IR-20-172 CVE-2020-15938
Kr00k vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips
During the RSA conference of February 26th 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerabilit...
FortiAP-U 6.0.2, 6.0.1, 6.0.0, 5.4.6 Meru AP 8.5.1, 8.4.6
Dec 01, 2020 Risk IR Number: FG-IR-20-035 CVE-2019-15126
Use of a hard-coded cryptographic key to cipher sensitive data in CLI configuration
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiOS, FortiManager and FortiAnal...
FortiAnalyzer 6.0, 6.2 FortiManager 6.0, 6.2 FortiOS 6.0, 6.2
Jun 30, 2020 Risk IR Number: FG-IR-19-007 CVE-2019-6693
FortiClient Use of Hard-coded Cryptographic Key
Use of a hard-coded cryptographic key to encrypt security sensitive data in configuration in FortiClient for Windows may a...
FortiClientWindows 6.2.8, 6.2.7, 6.2.6
Jun 01, 2020 Risk IR Number: FG-IR-19-194 CVE-2019-16150
Improper Authorization vulnerability in FortiADC
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform c...
FortiADC 5.3.4
Apr 06, 2020 Risk IR Number: FG-IR-20-013 CVE-2020-9286
XSS vulnerability in the FortiManager via the buffer parameter
An improper neutralization of input vulnerability in FortiManager GUI may allow an authenticated attacker to perform an XS...
FortiManager 6.2.1
Mar 11, 2020 Risk IR Number: FG-IR-19-271 CVE-2019-16158
Stored XSS vulnerability in traffic group interface
An improper neutralization of input vulnerability in the FortiADC may allow an attacker to execute a stored Cross Site Scr...
FortiADC 5.3.3, 5.3.2, 5.3.1
Mar 09, 2020 Risk IR Number: FG-IR-19-220 CVE-2019-6699
FortiOS DRBG insufficient entropy
FortiGate models which do not contain and embedded TRNG may suffer from insufficient entropy ("seed") in the CTR DRBG rand...
FortiOS 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.1, 5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0, 5.0.5, 5.0.4, 5.0.3
Feb 13, 2020 Risk IR Number: FG-IR-19-186 CVE-2019-15703
FortiSIEM default SSH key for the "tunneluser" account is the same across all appliances
A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH...
FortiSIEM 5.2.6
Jan 15, 2020 Risk IR Number: FG-IR-19-296 CVE-2019-17659