• Filter by Date
  • Filter by Risk
  • Filter by Affected Product

PSIRT Advisories

The FortiGuard Labs Product Security Incident Response Team (PSIRT) continually test Fortinet hardware and software products, looking for vulnerabilities and weaknesses. Any such findings are fed back to Fortinet's development teams and serious issues are described along with protective solutions in the advisories below.

The Missing Encryption Of Sensitive Data vulnerability in FortiClient may allow an attacker to access VPN session cookie from...

Apr 23, 2019 Risk IR Number: FG-IR-19-110
A cleartext transmission of sensitive information vulnerability in FortiManager may allow an unauthenticated attacker in a man...

Apr 23, 2019 Risk IR Number: FG-IR-18-051
Some FortiAP models are vulnerable to the Bleeding Bit Vulnerability (CVE-2018-16986) present in the Texas Instruments WiFi chips.CVE-2018-16986:Texas...

Apr 10, 2019 Risk IR Number: FG-IR-18-356
FortiSwitch is vulnerable to multiple Cross-site Scripting (XSS) attacks present in the jQuery javascript libraryCVE-2015-9251:jQuery...

Apr 10, 2019 Risk IR Number: FG-IR-18-013
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings...

Apr 04, 2019 Risk IR Number: FG-IR-18-230
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox may allow an attacker to execute unauthorized code...

Apr 03, 2019 Risk IR Number: FG-IR-18-024
A privilege escalation vulnerability in FortiOS may allow admin users to elevate their profile to super_admin, via restoring modified...

Apr 02, 2019 Risk IR Number: FG-IR-17-053
An improper access control vulnerability in FortiClientMac may allow an attacker to affect the application's performance via modifying...

Apr 02, 2019 Risk IR Number: FG-IR-19-003