PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

The pam.log file generated by FortiWLC contains authenticated users credentials (local admin and users authenticated again...

Sep 30, 2016 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-16-030 CVE-2016-7561
FortiWLC runs a rsyncd server, historically used for High-Availability purpose. This server comes with a hardcoded account...

Sep 30, 2016 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Critical IR Number: FG-IR-16-029 CVE-2016-7560
A vulnerability in FortiDDoS allows escalation of privilege via remote OS injection through crafted URLs sent to the GUI. ...

Sep 28, 2016 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-16-037