PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

An improper access control vulnerability [CWE-284] in FortiIsolator may allow an authenticated, non privileged attacker to...

FortiIsolator 2.3.2, 2.3.1, 2.3.0
May 03, 2022 Severity black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon High IR Number: FG-IR-21-040 CVE-2021-41020
An improper access control vulnerability [CWE-284] in FortiSOAR may allow an unauthenticated attacker to access gateway AP...

FortiSOAR 7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1, 6.4.0
May 03, 2022 Severity black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon Medium IR Number: FG-IR-22-041 CVE-2022-23443
Some advisories were released affecting  the version of PJSIP library used in some Fortinet  products: CVE-2021-43845: PJ...

FortiFone 3.0.9, 3.0.8, 3.0.7, 3.0.6, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.11, 3.0.10, 3.0.1, 3.0.0
May 03, 2022 Severity black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon Critical IR Number: FG-IR-22-007 CVE-2021-37706