PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

The VENOM (Virtualized Environment Neglected Operations Manipulation) vulnerability impacts popular virtualization platfor...

May 19, 2015 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-15-012 CVE-2015-3456
Prior to build 237, the Windows version of FSSO can be remotely exploited to run arbitrary code over the TCP/8000 port wit...

Feb 27, 2015 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-15-006 CVE-2015-2281
Prior to version 5.0.7, the Web User Interface of FortiManager and FortiAnalyzer is vulnerable to multiple reflected Cross...

Oct 30, 2014 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-14-033 CVE-2014-2334
Multiple CSRF vulnerabilities exist in the FortiAnalyzer web administration console due to an error in CSRF token validati...

Nov 22, 2013 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-13-018 CVE-2013-6826
Multiple CSRF (Cross-Site Request Forgery) vulnerabilities exist in FortiGate because GUI pages are not protected by CSRF ...

Jul 08, 2013 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-13-014 CVE-2013-1414