Fortinet Releases Security Updates for Multiple Products

Fortinet has released security advisories addressing vulnerabilities in multiple products. These vulnerabilities may allow cyber threat actors to take control of the affected systems.

CISA encourages users and administrators to review the following Fortinet security advisories and apply the recommended updates:

FG-IR-23-189: FortiManager, FortiAnalyzer – Path traversal via unrestricted file upload
FG-IR-23-062: FortiManager – Improper inter ADOM access control
FG-IR-23-167: FortiManager, FortiAnalyzer – OS command injection
FG-IR-22-352: FortiManager, FortiAnalyzer, FortiADC – Command injection due to an unsafe usage of function
FG-IR-23-318: FortiOS – Improper authorization via prof-admin profile
FG-IR-23-085: FortiSIEM - Multiple path traversal vulnerabilities

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.

Fortinet Releases Security Updates for Multiple Products

Please share your thoughts

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Cisco Releases Security Updates for Multiple Products

CISA Releases Seventeen Industrial Control Systems Advisories

Adobe Releases Security Updates for Multiple Products

Fortinet Releases Security Updates for Multiple Products

Please share your thoughts

Related Advisories

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Cisco Releases Security Updates for Multiple Products

CISA Releases Seventeen Industrial Control Systems Advisories

Adobe Releases Security Updates for Multiple Products