PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

Failure to sanitize input in the SSL VPN web portal may allow a remote unauthenticated attacker to perform a reflected Cro...

FortiOS 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.1, 5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10 FortiProxy 2.0.1, 2.0.0, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0
Jun 01, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-199 CVE-2021-26092
An improper following of a certificate's chain of trust vulnerability in FortiGate SSL-VPN may allow an LDAP user to conne...

FortiOS 6.4.4, 6.4.3, 6.4.2
Jun 01, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-21-018 CVE-2021-24012
A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI may allow an authenticated, remote attack...

FortiProxy 2.0.1, 2.0.0, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0
Jun 01, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-21-006 CVE-2021-22130
A missing release of memory after effective lifetime vulnerability in FortiSwitch may allow an attacker on an adjacent net...

FortiSwitch 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Jun 01, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-21-026 CVE-2021-26111
Multiple instances of stack-based buffer overflow vulnerability (CWE-121) in the command line interface of FortiWLC may al...

FortiWLC 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2, 8.4.1, 8.4.0, 8.3.3, 8.3.2, 8.3.1, 8.3.0, 8.2.7, 8.2.6, 8.2.5, 8.2.4, 8.1.3, 8.1.2, 8.0.6, 8.0.5
Jun 01, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-21-001 CVE-2021-26094
An improper neutralization of input during web page generation in FortiWLC web interface may allow both authenticated remo...

FortiWLC 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2, 8.4.1, 8.4.0, 8.3.3
Jun 01, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-137 CVE-2021-26087
A use of hard-coded password vulnerability in Meru AP may allow a remote authenticated attacker to access the system as ro...

FortiWLC 8.5.2, 8.5.1, 8.5.0, 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2, 8.4.1, 8.4.0, 8.3.3, 8.3.2, 8.2.7, 8.2.6
Jun 01, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-147 CVE-2021-22126
A privilege escalation vulnerability in FortiNAC may allow an admin user to escalate the privileges to root by abusing the...

FortiNAC 8.7.1
May 05, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-038 CVE-2021-24011
An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy may allow a remote auth...

FortiProxy 2.0.0, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0
May 05, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-226 CVE-2019-15706
A clear text storage of sensitive information into log file vulnerability in FortiADCManager and FortiADC may allow a remo...

FortiADCManager 5.3.0, 5.2.1, 5.2.0
Apr 06, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-19-244 CVE-2021-24024
A stack-based buffer overflow vulnerability in the HTTPD daemon of FortiProxy may allow an authenticated remote attacker t...

FortiProxy 2.0.1, 2.0.0, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0
Apr 06, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-21-007 CVE-2019-17656
An information disclosure vulnerability in FortiWeb's Web Vulnerability Scan profile may allow a remote authenticated atta...

FortiWeb 6.3.4, 6.3.3, 6.3.2
Apr 06, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-076 CVE-2020-15942
An Improper Neutralization of Input During Web Page Generation in the SSL VPN portal of FortiProxy may allow an unauthenti...

FortiProxy 2.0.0, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6
Mar 02, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-230 CVE-2018-13380
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiProxy SSL VPN may allow an attacker to retrieve a...

FortiProxy 2.0.0, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6
Mar 02, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-224 CVE-2019-17655
An improper access control vulnerability in FortiProxy SSL VPN portal may allow an authenticated, remote attacker to acces...

FortiProxy 2.0.2, 2.0.1, 2.0.0, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6
Mar 02, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-235 CVE-2021-22128