PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the command line i...

FortiAP-W2 7.2.0, 7.0.3, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiAP-U 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.0 FortiAP 7.2.0, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiAP-S 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Sep 06, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-21-163 CVE-2022-29058
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API may allow an attacker who managed to retrie...

FortiDDoS 5.5.1, 5.5.0, 5.4.2, 5.4.1, 5.4.0, 5.3.1, 5.3.0, 5.2.0, 5.1.0
Jun 07, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-22-071 CVE-2022-29060
A security advisory was released affecting  the version of OpenSSL library used in some Fortinet products: CVE-2022-0778: ...

FortiADC 7.0.1, 7.0.0, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiAnalyzer 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0 FortiAP 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiAuthenticator 6.4.1, 6.4.0, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiDDoS 5.6.1, 5.6.0, 5.5.1, 5.5.0, 5.4.2, 5.4.1, 5.4.0, 5.3.1, 5.3.0, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0, 4.5.0, 4.4.2, 4.4.1, 4.4.0 FortiDeceptor 4.1.1, 4.1.0, 4.0.2, 4.0.1, 4.0.0, 3.3.3, 3.3.2, 3.3.1, 3.3.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.2, 3.0.1, 3.0.0 FortiIsolator 2.4.0, 2.3.4, 2.3.3, 2.3.2, 2.3.1, 2.3.0, 2.2.0, 2.1.2, 2.1.1, 2.1.0, 2.0.1, 2.0.0 FortiMail 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0 FortiManager 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0 FortiOS 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.10, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0 FortiProxy 7.0.3, 7.0.2, 7.0.1, 7.0.0 FortiSIEM 6.4.1, 6.4.0, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 5.4.0, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.2, 5.2.1, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.1, 5.0.0 FortiSwitch 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.10, 6.4.1, 6.4.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiTester 7.1.1, 7.1.0, 7.0.0, 4.2.1, 4.2.0, 4.1.1, 4.1.0, 4.0.0, 3.9.2, 3.9.1, 3.9.0, 3.8.0, 3.7.1, 3.7.0, 3.6.0, 3.5.1, 3.5.0, 3.4.0, 3.3.1, 3.3.0, 3.2.0, 3.1.0, 3.0.0, 2.9.0, 2.8.0, 2.7.0, 2.6.0, 2.5.0, 2.4.1, 2.4.0, 2.3.0 FortiWAN 5.2.1, 5.2.0, 5.1.2, 5.1.1, 4.5.9, 4.5.8, 4.5.7, 4.5.6, 4.5.5, 4.5.4, 4.5.3, 4.5.2, 4.5.1, 4.5.0, 4.4.1, 4.4.0, 4.3.1, 4.3.0, 4.2.7, 4.2.6, 4.2.5, 4.2.2, 4.2.1, 4.1.3, 4.1.2, 4.1.1, 4.0.6, 4.0.5, 4.0.4, 4.0.3, 4.0.2, 4.0.1, 4.0.0 FortiWeb 7.0.0, 6.4.2, 6.4.1, 6.4.0, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.18, 6.3.17, 6.3.16, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.1, 6.3.0 FortiClientMac 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0 FortiNDR 1.5.3, 1.5.2, 1.5.1, 1.5.0, 1.4.0, 1.3.1, 1.3.0, 1.2.0, 1.1.0 FortiVoiceEnterprise 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0 FortiDDoS-F 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.2, 6.2.1, 6.2.0, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0 FortiRecorder 6.4.2, 6.4.1, 6.4.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.10, 6.0.1, 6.0.0 FortiClientEMS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0 FortiClientiOS 6.0.0, 5.6.6, 5.6.5, 5.6.1, 5.6.0, 5.4.4, 5.4.3, 5.4.1, 5.4.0, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.0.3, 5.0.2, 5.0.1, 5.0.0, 4.0.2, 4.0.1, 4.0.0, 2.0.1, 2.0.0 FortiADCManager 6.2.1, 6.2.0, 6.1.0, 6.0.0, 5.4.0, 5.3.0, 5.2.1, 5.2.0 FortiClientAndroid 6.0.0, 5.6.0, 5.4.2, 5.4.1, 5.4.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.0.3, 5.0.2, 5.0.1, 5.0.0, 4.1.1, 4.1.0, 4.0.1, 4.0 FortiClientWindows 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0
Apr 01, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-22-059 CVE-2022-0778
A buffer overflow [CWE-121] in the TFTP client library of FortiOS, FortiOS-6K7K, FortiADC, FortiAnalyzer, FortiManager, Fo...

FortiADC 6.2.2, 6.2.1, 6.2.0, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0 FortiAnalyzer 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0 FortiDDoS 5.5.1, 5.5.0, 5.4.2, 5.4.1, 5.4.0, 5.3.1, 5.3.0, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0, 4.5.0, 4.4.2, 4.4.1, 4.4.0 FortiMail 7.0.2, 7.0.1, 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0 FortiManager 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0 FortiOS 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.1, 5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.1, 5.0.0 FortiPortal 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.3.8, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.2, 5.1.1, 5.1.0, 5.0.3, 5.0.2, 5.0.1, 5.0.0 FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.7, 1.0.6, 1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0 FortiSwitch 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiWeb 6.4.1, 6.4.0, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.16, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.1, 6.3.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.9.2, 5.9.1, 5.9.0, 5.8.7, 5.8.6, 5.8.5, 5.8.3, 5.8.2, 5.8.1, 5.8.0, 5.7.3, 5.7.2, 5.7.1, 5.7.0, 5.6.2, 5.6.1, 5.6.0, 5.5.7, 5.5.6, 5.5.5, 5.5.4, 5.5.3, 5.5.2, 5.5.1, 5.5.0, 5.4.1, 5.4.0, 5.3.9, 5.3.8, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.4, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0 FortiNDR 1.5.2, 1.5.1, 1.5.0, 1.4.0, 1.3.1, 1.3.0, 1.2.0, 1.1.0 FortiVoiceEnterprise 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.10, 6.0.1, 6.0.0 FortiDDoS-F 6.3.0, 6.2.2, 6.2.1, 6.2.0, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0 FortiRecorder 6.4.2, 6.4.1, 6.4.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.10, 6.0.1, 6.0.0, 2.7.7, 2.7.6, 2.7.5, 2.7.4, 2.7.3, 2.7.2, 2.7.1, 2.7.0, 2.6.3, 2.6.2, 2.6.1, 2.6.0
Dec 07, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-21-173 CVE-2021-42757
A cleartext storage of sensitive information in the GUI of FortiADC, FortiSIEM, FortiDDoS, FortiDDoS-CM and FortiDDoS-F ma...

FortiDDoS-F 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0 FortiDDoS 5.4.2, 5.4.1, 5.4.0, 5.3.1, 5.3.0, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0, 4.5.0, 4.4.2, 4.4.1, 4.4.0, 4.3.2, 4.3.1, 4.3.0, 4.2.2, 4.2.1 FortiSIEM 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 5.4.0, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.2, 5.2.1, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.1, 5.0.0 FortiADC 6.0.0, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0
Nov 02, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-044 CVE-2020-15935
An instance of improper neutralization of special elements used in an OS Command found in FortiAP's console may allow an a...

FortiAP-W2 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.2.5, 6.2.4 FortiAP-S 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.2.5, 6.2.4 FortiAP 6.4.5, 6.4.4, 6.4.3, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Jul 07, 2021 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-20-210 CVE-2021-26106
An exposure of sensitive information to an unauthorized actor vulnerability in FortiMail may allow a remote, unauthenticat...

FortiDDoS 5.4.0, 5.3.1, 5.3.0, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0, 4.5.0, 4.4.2, 4.4.1, 4.4.0 FortiDDoS-CM 5.3.0, 5.2.0, 5.1.0, 5.0.0, 4.7.0 FortiMail 6.4.1, 6.4.0, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0, 5.3.9, 5.3.8, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.13, 5.3.12, 5.3.10, 5.3.1, 5.3.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.10, 5.2.1, 5.2.0, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.11, 5.0.10, 5.0.1, 5.0.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3.0, 4.2.4, 4.2.3, 4.2.2, 4.2.1, 4.2.0, 4.1.3, 4.1.2, 4.1.1, 4.1.0, 4.0.5, 4.0.4, 4.0.3, 4.0.1 FortiRecorder 6.0.3, 6.0.2, 6.0.1, 6.0.0 FortiVoiceEnterprise 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Nov 03, 2020 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-105 CVE-2020-15933
An improper access control vulnerability in the admin SSH console of multiple products may allow an authenticated user to ...

FortiManager 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiWAN 4.5.7, 4.5.6, 4.5.5, 4.5.4, 4.5.3, 4.5.2, 4.5.1, 4.5.0 FortiADCManager 5.3.0 FortiAnalyzer 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiADC 5.3.4, 5.2.5 FortiAP-C 5.4.2 FortiDDoS 5.2.0 FortiExtender 4.2.0 FortiWLC 8.5.5, 8.5.4, 8.5.3, 8.5.2, 8.5.1 FortiPortal 5.3.2, 5.2.4 FortiDDoS-CM 5.2.0
Jun 26, 2020 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-19-292 CVE-2004-1653
A system command injection vulnerability in the FortiAP CLI admin console may allow unauthorized administrators to run arb...

FortiAP-U 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.0 FortiAP-S 6.2.1, 6.2.0, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.4, 5.4.3 FortiAP 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.3.3, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.11, 5.0.10, 5.0.1, 5.0.0 FortiAP-W2 6.2.1, 6.2.0, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0
Feb 10, 2020 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-19-209 CVE-2019-15708
An Uncontrolled Resource Consumption vulnerability in multiple products may allow an attacker to cause web service portal ...

FortiAnalyzer 5.6, 6.0, 6.2 FortiAP 6.0, 6.2 FortiManager 5.6, 6.0, 6.2 FortiOS 6.0, 6.2 FortiSwitch 6.0, 6.2
Feb 03, 2020 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-19-013 CVE-2019-17657
Multiple Fortinet products may be affected by the following Linux Kernel vulnerability:CVE-2016-10229 Linux Kernel ipv4/ud...

FortiManager 5.4.2 FortiAP 5.6.0, 5.4.2 FortiADC 4.8.0 FortiSandbox 3.0.7, 3.0.6, 3.0.5, 3.0.4 FortiAnalyzer 5.4.2 FortiWeb 5.7.3, 5.7.2 Meru Controller 8.4.5, 8.4.4 FortiWAN-Manager 4.3.0 FortiWAN 4.3.1 FortiPortal 5.0.3, 5.0.2, 5.0.1, 5.0.0, 4.2.2, 4.2.1, 4.2.0, 4.1.2, 4.1.1, 4.1.0, 4.0.4, 4.0.3, 4.0.2, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0 FortiWebManager 6.0.0 FortiCache 4.2.2 FortiDDoS 4.3.2, 4.3.1 FortiOS 5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0 FortiAuthenticator 5.0.0 FortiVoiceEnterprise 5.3.6 AscenLink 7.2.19 FortiWLM 8.4.0 FortiWLC 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2
Jul 24, 2019 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-17-118 CVE-2016-10229
A collection of AMD vulnerabilities known as "Ryzenfall, Fallout, Chimera, Masterkey" has been released. Attackers in poss...

FortiAnalyzer FortiAP 5.2, 5.6 FortiOS 5.2, 4.2 FortiSwitch
Apr 13, 2018 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-18-046 CVE-2018-8930