PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in Fort...

FortiNAC 9.2.2, 9.2.1, 9.2.0, 9.1.5, 9.1.4, 9.1.3, 9.1.2, 9.1.1, 9.1.0, 8.8.9, 8.8.8, 8.8.7, 8.8.6, 8.8.5, 8.8.4, 8.8.3, 8.8.2, 8.8.11, 8.8.10, 8.8.1, 8.8.0, 8.7.6, 8.7.5, 8.7.4, 8.7.3, 8.7.2, 8.7.1, 8.7.0, 8.6.5, 8.6.4, 8.6.3, 8.6.2, 8.6.0, 8.5.4, 8.5.2, 8.5.1, 8.5.0, 8.3.7
May 03, 2022 Severity black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon Medium IR Number: FG-IR-22-062 CVE-2022-26116
A privilege escalation vulnerability in FortiNAC may allow an admin user to escalate the privileges to root by abusing the...

FortiNAC 8.7.1
May 05, 2021 Severity black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon Medium IR Number: FG-IR-20-038 CVE-2021-24011
An improper neutralization of input vulnerability in FortiNAC may allow a remote authenticated attacker to perform a store...

FortiNAC 8.6.2
Sep 23, 2020 Severity black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon Medium IR Number: FG-IR-20-002 CVE-2020-12816
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in FortiNAC admin webUI may allow an ...

FortiNAC 8.5.0
Jul 16, 2019 Severity black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon Medium IR Number: FG-IR-19-140 CVE-2019-5594