PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiEDR Central Manager may allo...

FortiEDR 5.1.0, 5.0.3, 5.0.1, 5.0.0, 4.0.0
Jul 05, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-22-077 CVE-2022-29057
An improper control of a resource through its lifetime [CWE-664] vulnerability in FortiEDR Collector may allow a privilege...

FortiEDR 5.0.2, 5.0.1, 5.0.0, 4.0.0
Apr 05, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-22-052 CVE-2022-23446
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors may all...

FortiEDR
Apr 05, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-22-018 CVE-2022-23440
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR may allow an unauthenticated attacker on the net...

FortiEDR
Apr 05, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo High IR Number: FG-IR-22-019 CVE-2022-23441