Filter by Date
- 2022
  - 1 06-2022
- 2020
  - 1 06-2020
- 2019
  - 1 11-2019
- 2018
  - 1 07-2018
Filter by Severity
- 0 Critical
- 0 High
- 4 Medium
- 0 Low
- 0 Informational
Filter by Affected Product
- All
- 2 FortiManager
- 2 FortiAnalyzer
- 2 FortiADC
- 2 FortiWAN
- 2 FortiDDoS
- 2 FortiExtender
- 2 FortiTokenAndroid
- 2 FortiTokenIOS
- 1 FortiOS
- 1 FortiMail
- 1 FortiSandbox
- 1 FortiWeb
- 1 FortiClientWindows
- 1 FortiPortal
- 1 FortiSIEM
- 1 FortiClientEMS
- 1 FortiWLC
- 1 FortiAP
- 1 FortiClientMac
- 1 FortiSwitch
- 1 FortiTester
- 1 FortiRecorder
- 1 FortiVoiceEnterprise
- 1 AscenLink
- 1 FortiDB
- 1 FortiCache
- 1 FortiADCManager
- 1 FortiAP-C
- 1 FortiClientAndroid
- 1 FortiClientiOS
- 1 FortiDDoS-CM
- 1 SSL_VPN
- 1 FSSO (all dist.)
- 1 FortiTokenMobileWP
- 1 FortiVoice
- 0 FortiProxy
- 0 FortiAuthenticator
- 0 FortiNAC
- 0 FortiAP-W2
- 0 FortiSOAR
- 0 FortiWLM
- 0 FortiAP-S
- 0 FortiAP-U
- 0 FortiDeceptor
- 0 FortiClientLinux
- 0 FortiEDR
- 0 Meru AP
- 0 FortiIsolator
- 0 FortiSIEMWindowsAgent
- 0 FortiSwitchManager
- 0 FortiWAN-Manager
- 0 FSSO Windows CA
- 0 FortiOS-6K7K
- 0 FortiWebManager
- 0 Meru Controller
- 0 AV Engine
- 0 FSSO Windows DC Agent
- 0 FortiAnalyzer-BigData
- 0 FortiCloud
- 0 FortiDDoS-F
- 0 FortiExplorer Windows
- 0 FortiFone
- 0 FortiGuard
- 0 FortiNDR
- 0 FortiPresence
- 0 FortiSDNConnector

Refine Search

PSIRT Advisories

Monthly PSIRT Advisories

2023: May , Apr , Mar , Feb , Jan
2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
2020: Dec

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiTokenMobile - Missing digital certificate validation

An improper validation of certificate with host mismatch vulnerability [CWE-297] in FortiTokenMobile may allow an unauthen...

FortiTokenAndroid 5.0.3, 5.0.2, 4.5.0, 4.4.0, 4.3.0, 4.2.2, 4.2.1, 4.1.1, 4.0.1, 4.0.0, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0, 0.4.20, 0.4.10 FortiTokenIOS 5.2.0, 4.3.0, 4.2.0, 4.1.1, 4.1.0, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1 FortiTokenMobileWP 4.0.3, 3.0.1, 3.0.0

Jun 07, 2022 Severity black-background-circle-icon

Medium IR Number: FG-IR-21-024 CVE-2021-22131

CVE-2004-1653 SSH port forwarding exposes unprotected internal services

An improper access control vulnerability in the admin SSH console of multiple products may allow an authenticated user to ...

FortiADC 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0 FortiExtender 4.2.0 FortiManager 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiAnalyzer 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiWAN 4.5.7, 4.5.6, 4.5.5, 4.5.4, 4.5.3, 4.5.2, 4.5.1, 4.5.0 FortiPortal 5.3.2, 5.2.4 FortiDDoS-CM 5.2.0 FortiAP-C 5.4.2 FortiDDoS 5.2.0 FortiWLC 8.5.5, 8.5.4, 8.5.3, 8.5.2, 8.5.1 FortiADCManager 5.3.0 FortiSIEM 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 5.4.0, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.2, 5.2.1, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.1, 5.0.0

Jun 26, 2020 Severity black-background-circle-icon

Medium IR Number: FG-IR-19-292 CVE-2004-1653

FortiExtender OS command injection through execute date CLI command

An OS command injection vulnerability in FortiExtender CLI admin console may allow unauthorized administrators to run arbi...

FortiExtender 4.1.1, 4.0.0, 3.3.3, 3.3.2, 3.3.1, 3.3.0, 3.2.4, 3.2.3, 3.2.2, 3.2.1, 3.1.2, 3.1.1, 3.1.0, 3.0.2, 3.0.1, 3.0.0, 0.4.10

Nov 01, 2019 Severity black-background-circle-icon

Medium IR Number: FG-IR-19-273 CVE-2019-15710

OpenSSL Security Advisory [26 Jan 2017]

The OpenSSL project released an advisory on Jan 26th, 2017, describing 3 Moderate, 1 Low severity vulnerabilities, as list...

FortiWeb 5.7.0 FortiVoiceEnterprise 5.3.4 FortiDB 5.1.11 FortiClientMac 5.4.2 FortiClientEMS 1.0.3 FortiClientAndroid 5.4.0 FortiSandbox 2.3.3 FortiAnalyzer 5.4.2, 5.2.10 FortiMail 5.3.8, 5.2.9 FortiSwitch 3.5.0 FortiDDoS 4.3.0 FortiClientiOS 5.4.3 AscenLink 7.2.18 FortiTester 2.8.0 FortiTokenAndroid 3.0.4 FortiADC 4.7.1 FortiWAN 4.3.1 FortiClientWindows 5.4.2 FortiOS 5.4.5, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.1, 5.0.0 FortiVoice 5.2.2 FortiCache 4.1.5, 0.4.20 FortiManager 5.4.2, 5.2.10 FSSO (all dist.) 5.0.254 FortiRecorder 2.5.1, 2.4.3 FortiAP 5.4.1 SSL_VPN 4.0.2328 FortiTokenIOS 3.0.5

Jul 13, 2018 Severity black-background-circle-icon

Medium IR Number: FG-IR-17-019 CVE-2016-7055

Network

Files and Endpoint

Application

Additional SOC Services

Refine
RESET

PSIRT Advisories

Monthly PSIRT Advisories

News / Research

Network

Files and Endpoint

Application

Additional SOC Services

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC

FortiAnalyzer

FortiCWP

FortiWeb

FortiNDR

FortiSandBox

FortiTester

Threat Lookup

PSIRT

Resources

Refine RESET

PSIRT Advisories

Monthly PSIRT Advisories

Refine
RESET