Fortinet has released security updates addressing multiple vulnerabilities that exist in their products. An attacker could exploit these vulnerabilities to gain system access and take control of an affected system.

Users are advised to review security advisories and apply the necessary updates:

Information disclosure vulnerability ( CVE-2021-36170) in FortiAnalyzer and FortiManager – FG-IR-21-112;

Cross site scripting vulnerability (CVE-2021-24021) in FortiAnalyzer – FG-IR-20-098;

Escalation of privilege vulnerability (CVE-2020-15941) in FortiClientEMS – FG-IR-20-074;

Escalation of privilege vulnerability (CVE-2021-24019) in FortiClientEMS – FG-IR-20-072;

Information disclosure vulnerability (CVE-2021-36178) in FortiSDNConnector – FG-IR-20-183;

Buffer overflow vulnerability ( CVE-2021-26105) in FortiSandbox – FG-IR-20-234;

Unauthorized code or commands execution vulnerability (CVE-2021-36175) in FortiWebManager - FG-IR-20-027.