PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

During an upgrade to version 3.4.1, a FortiSwitch device may let an attacker log in the rest_admin account without a pass...
Jul 11, 2016 | Severity: High | IR Number: FG-IR-16-011 | CVE-2016-4573

There is a CSRF vulnerability with FortiWEB console on dashboard. Attackers may submit local forms to change admin passwor...
Jun 23, 2016 | Severity: Medium | IR Number: FG-IR-16-010 | CVE-2016-4066

A path traversal vulnerability allows an administrator account with read and write privileges to read arbitrary files usin...
May 26, 2016 | Severity: Low | IR Number: FG-IR-16-009 | CVE-2016-5092

FortiOS now includes for all SSL libraries a countermeasure against Lenstra's fault attack on RSA-CRT optimization when a...
May 16, 2016 | Severity: Low | IR Number: FG-IR-16-008 | CVE-2015-5738

The Security Account Manager Remote Protocol [MS-SAMR] and the Local Security Authority (Domain Policy) Remote Protocol [M...
Apr 14, 2016 | Severity: Medium | IR Number: FG-IR-16-007 | CVE-2016-2118

The FortiOS webui accepts a user-controlled input that specifies a link to an external site, and uses that link in a redir...
Mar 16, 2016 | Severity: Low | IR Number: FG-IR-16-004

It is possible to inject malicious script through the DHCP HOSTNAME option. The malicious script code is injected into th...
Mar 16, 2016 | Severity: Low | IR Number: FG-IR-16-003 | CVE-2015-3626

Since glibc 2.9, the glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() ...
Feb 25, 2016 | Severity: Medium | IR Number: FG-IR-16-002 | CVE-2015-7547

An undocumented account used for communication with authorized FortiManager devices exists on some versions of FortiOS, F...
Jan 12, 2016 | Severity: Critical | IR Number: FG-IR-16-001 | CVE-2016-1909

Researchers discovered that certain next generation firewalls are designed to permit full TCP handshake with any destinati...
Dec 15, 2015 | Severity: Low | IR Number: FG-IR-15-024

OpenSSL released an update in December 2015 to address a small number of vulnerability issues.
Dec 10, 2015 | Severity: Low | IR Number: FG-IR-15-023 | CVE-2015-3193

The Graphical User Interface (GUI) of FortiManager v5.2.2 is vulnerable to two reflected Cross-Site Scripting (XSS) vulner...
Sep 24, 2015 | Severity: Medium | IR Number: FG-IR-15-022 | CVE-2015-8037

FortiClient drivers expose IOCTL that may allow an unprivileged user to get system-level privileges.
Sep 01, 2015 | Severity: Low | IR Number: FG-IR-15-025 | CVE-2015-4077

Installing Forticlient SSLVPN Linux client build 2312 and lower in a home directory that is world readable-executable yiel...
Jul 24, 2015 | Severity: Medium | IR Number: FG-IR-15-017 | CVE-2015-7362

The Web User Interface of FortiSandbox version 2.0.4 and below is vulnerable to multiple reflected Cross-Site Scripting vu...
Jul 24, 2015 | Severity: Medium | IR Number: FG-IR-15-019 | CVE-2015-7360