- Filter by Date
- Filter by Severity
-
Filter by Affected Product
- All
- 3 FortiSIEM
- 2 FortiWeb
- 1 FortiOS
- 1 FortiSandbox
- 1 FortiClientWindows
- 1 FortiAP
- 1 FortiAP-W2
- 1 FortiAP-S
- 1 FortiAP-U
- 1 Meru AP
- 1 FortiAP-C
- 0 FortiManager
- 0 FortiAnalyzer
- 0 FortiProxy
- 0 FortiMail
- 0 FortiADC
- 0 FortiPortal
- 0 FortiWAN
- 0 FortiAuthenticator
- 0 FortiNAC
- 0 FortiRecorder
- 0 FortiSwitch
- 0 FortiClientEMS
- 0 FortiDDoS
- 0 FortiVoiceEnterprise
- 0 FortiWLC
- 0 FortiClientMac
- 0 FortiTester
- 0 FortiSOAR
- 0 FortiWLM
- 0 FortiNDR
- 0 FortiDDoS-F
- 0 FortiDeceptor
- 0 AscenLink
- 0 FortiClientLinux
- 0 FortiDB
- 0 FortiEDR
- 0 FortiADCManager
- 0 FortiCache
- 0 FortiDDoS-CM
- 0 FortiExtender
- 0 FortiIsolator
- 0 FortiSwitchManager
- 0 FortiClientAndroid
- 0 FortiClientiOS
- 0 FortiSIEMWindowsAgent
- 0 FortiTokenAndroid
- 0 FortiTokenIOS
- 0 FortiWAN-Manager
- 0 FSSO Windows CA
- 0 FortiAnalyzer-BigData
- 0 FortiFone
- 0 FortiOS-6K7K
- 0 FortiWebManager
- 0 Meru Controller
- 0 SSL_VPN
- 0 AV Engine
- 0 FSSO (all dist.)
- 0 FSSO Windows DC Agent
- 0 FortiCloud
- 0 FortiExplorer Windows
- 0 FortiGuard
- 0 FortiSDNConnector
- 0 FortiTokenMobileWP
- 0 FortiVoice
September
(1)
Refine Search
PSIRT Advisories
Monthly PSIRT Advisories
- 2023: Mar , Feb , Jan
- 2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb...
FortiWeb
7.0.1, 7.0.0, 6.4.2, 6.4.1, 6.4.0, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.22, 6.3.21, 6.3.20, 6.3.2, 6.3.19, 6.3.18, 6.3.17, 6.3.16, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.1, 6.3.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3
Sep 06, 2022
Severity
Low
IR Number: FG-IR-22-140
CVE-2022-29059
A URL redirection to untrusted site ('Open Redirect') [CWE-601] in FortiWeb may allow an authenticated attacker to use the...
FortiWeb
6.4.1, 6.4.0, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.1, 6.3.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Dec 07, 2021
Severity
Low
IR Number: FG-IR-21-133
CVE-2021-36191
On May 11th, 2021, Mathy Vanhoef (New York University Abu Dhabi) published a new paper, Fragment and Forge: Breaking Wi-Fi...
FortiAP-W2
7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0
FortiOS
7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.12, 6.4.11, 6.4.10, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.13, 6.2.12, 6.2.11, 6.2.10, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.16, 6.0.15, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.1, 5.6.0
FortiAP-S
6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.4, 5.4.3
FortiAP
7.0.1, 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.3.3, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.11, 5.0.10, 5.0.1, 5.0.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3.0, 4.2.1
Meru AP
8.6.1, 8.6.0, 8.5.4, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2, 8.4.1, 8.4.0, 8.3.3, 8.3.2, 8.3.0, 8.2.7, 8.2.6, 8.2.4, 8.1.2
FortiAP-U
6.2.1, 6.2.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.0
FortiAP-C
5.4.2, 5.4.1, 5.4.0, 5.2.1, 5.2.0
Jun 01, 2021
Severity
Low
IR Number: FG-IR-21-071
CVE-2020-26139
A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH...
New types of side channel attacks impact most processors including Intel, AMD, ARM, etc. These attacks allow malicious use...
FortiSandbox
3.1.2, 3.1.1, 3.1.0
FortiClientWindows
5.6.4, 5.4.4
FortiSIEM
4.10.0
Aug 26, 2019
Severity
Low
IR Number: FG-IR-18-002
CVE-2017-5753
An information exposure vulnerability in the admin portal of FortiSIEM may allow an authenticated admin to retrieve the LD...
FortiSIEM
5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.1, 5.0.0, 4.9.0, 4.10.0
Mar 29, 2019
Severity
Low
IR Number: FG-IR-18-382
CVE-2018-13378