PSIRT Advisories

The FortiGuard Labs Product Security Incident Response Team (PSIRT) continually test Fortinet hardware and software products, looking for vulnerabilities and weaknesses. Any such findings are fed back to Fortinet's development teams and serious issues are described along with protective solutions in the advisories below.

Part of FortiOS models by default suffer from insufficient entropy ("seed") in CTR DRBG random data software generator.Unsufficient...

Oct 18, 2019 Risk IR Number: FG-IR-19-186
New types of side channel attacks impact most processors including Intel, AMD, ARM, etc. These attacks allow malicious userspace...

Aug 26, 2019 Risk IR Number: FG-IR-18-002
A privilege escalation vulnerability in FortiOS may allow admin users to elevate their profile to super_admin, via restoring modified...

Aug 21, 2019 Risk IR Number: FG-IR-17-053
A Host Header Redirection vulnerability exists in FortiOS SSL-VPN web portal: when an attacker submits specially crafted HTTP...

May 17, 2019 Risk IR Number: FG-IR-19-002
The Missing Encryption Of Sensitive Data vulnerability in FortiClient may allow an attacker to access VPN session cookie from...

Apr 23, 2019 Risk IR Number: FG-IR-19-110
A cleartext transmission of sensitive information vulnerability in FortiManager may allow an unauthenticated attacker in a man...

Apr 23, 2019 Risk IR Number: FG-IR-18-051
An information exposure vulnerability in the admin portal of FortiSIEM may allow an authenticated admin to retrieve the LDAP server...

Mar 29, 2019 Risk IR Number: FG-IR-18-382
There is a Null pointer dereference in the NDIS Miniport drivers in FortiClient on Windows, which may be leveraged by an unprivileged...

Jan 11, 2019 Risk IR Number: FG-IR-18-092
Fortigate's read-only admins are able to point a LDAP server connectivity test request to a rogue LDAP server instead of the configured...

Nov 16, 2018 Risk IR Number: FG-IR-18-157
On May 23, 2018, Talos disclosed in a blog post the discovery of a modular malware system they deemed "VPNFilter", affecting multiple...

Aug 27, 2018 Risk IR Number: FG-IR-18-106
FortiCloud password reset link requested by the user takes one hour to expire even after password was changed successfully,...

Aug 24, 2018 Risk IR Number: FG-IR-18-074
An open redirect vulnerability exists in FortiAnalyzer and FortiManager when a user of the GUI is converting an HTML table to...

Jun 22, 2018 Risk IR Number: FG-IR-18-022
An improper access control vulnerability exists in FortiAnalyzer and FortiManager, whereby a regular user of the GUI can edit...

Jun 22, 2018 Risk IR Number: FG-IR-18-014
A potential Cross-site Scripting (XSS) vulnerability exists in FortiManager: Displayed data is not sanitized when an administrator...

Jun 22, 2018 Risk IR Number: FG-IR-18-006
On FortiAuthenticator, a HTML page is returned to the user when the CSRF validation fails on referer mismatch. This page displays...

May 29, 2018 Risk IR Number: FG-IR-18-059