Wednesday, 09 July 2025
The State cybersecurity service
at the «Turkmenaragatnashyk» agency

Fortinet releases security updates for its products

Fortinet has released security updates addressing multiple vulnerabilities that exist in their products. An attacker could exploit these vulnerabilities to gain system access and take control of an affected system.

Users are advised to review security advisories and apply the necessary updates:

Security vulnerability (CVE-2021-32598) in FortiManager and FortiAnalyzer - FG-IR-21-063

Command injection vulnerability (CVE-2021-26097) in FortiSandbox - FG-IR-20-198

Improper access control vulnerability in FortiManager and FortiAnalyzer (CVE-2021-32587) - FG-IR-21-059

A server-side request forgery vulnerability (CVE-2021-32603) in FortiManager and FortiAnalyzer – FG-IR-21-050

XSS vulnerability (CVE-2021-32597) in FortiManager and FortiAnalyzer – FG-IR-21-054

An improper access control vulnerability in FortiManager (CVE-2021-24006) – FG-IR-20-061

Code execution vulnerability (CVE-2021-24018) in FortiOS – FG-IR-21-046

Security vulnerability (CVE-2019-16151) in FortiOS - FG-IR-19-301

A use of hard-coded credentials vulnerability (CVE-2021-32588) in FortiPortal – FG-IR-21-077

Information Disclosure vulnerability (CVE-2021-36168) in FortiPortal – FG-IR-21-085

SQL injection vulnerability (CVE-2021-32590) in FortiPortal – FG-IR-21-084

OS command injection vulnerability (CVE-2021-26104) in FortiManager, FortiAnalyzer and FortiPortal – FG-IR-21-037

An unrestricted file upload vulnerability (CVE-2021-32594) in FortiPortal – FG-IR-21-092

Security vulnerability (CVE-2021-32596) in FortiPortal - FG-IR-21-094

XSS vulnerability (CVE-2021-32602) in FortiPortal – FG-IR-20-066

XSS vulnerability (CVE-2021-24014) in FortiSandbox – FG-IR-20-209

Heap-based buffer overflow vulnerability (CVE-2021-26096) in FortiSandbox – FG-IR-20-188

Security vulnerability (CVE-2021-24010) in FortiSandbox – FG-IR-20-202

Elevation of privileges vulnerability ( CVE-2021-26098) in FortiSandbox – FG-IR-20-218

SQL Injection vulnerability (CVE-2020-29011) in FortiSandbox – FG-IR-20-171

An improper access control vulnerability (CVE-2020-15939) in FortiSandbox – FG-IR-20-071.

10 August 2021

-
140
Samsung releases July 2025 security updates

08 July 2025

-
12
Google releases security update for Chrome

02 July 2025

-
36
Cisco releases security updates in ISE Software

30 June 2025

-
42