PSIRT Advisories

FortiSOAR - Privilege escalation from nginx user to root


An improper privilege management vulnerability [CWE-269] in FortiSOAR may allow a GUI user who has already found a way to modify system files (via another, unrelated and hypothetical exploit) to execute arbitrary Python commands as root.

Affected Products

FortiSOAR version 7.2.0
FortiSOAR version 7.0.0 through 7.0.2
FortiSOAR version 6.4.0 through 6.4.4


Please upgrade to FortiSOAR version 7.2.1 or above
Please upgrade to FortiSOAR version 7.0.3 or above


Fortinet is pleased to thank security researchers Ryan Catterall and OJ Reeves of Beyond Binary for discovering and reporting this vulnerability under responsible disclosure.