{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"FortiClientLinux versions 7.4.x ant\u00e9rieures \u00e0 7.4.5","product":{"name":"FortiClient","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiAnalyzer-BigData versions 7.6.x ant\u00e9rieures \u00e0 7.6.1","product":{"name":"FortiAnalyzer","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.5","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiClientLinux versions ant\u00e9rieures \u00e0 7.2.13","product":{"name":"FortiClient","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSandbox versions ant\u00e9rieures \u00e0 4.4.8","product":{"name":"FortiSandbox","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiManager versions ant\u00e9rieures \u00e0 7.6.5","product":{"name":"FortiManager","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiManager Cloud versions ant\u00e9rieures \u00e0 7.6.5","product":{"name":"FortiManager","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail versions 7.6.x ant\u00e9rieures \u00e0 7.6.3","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiDeceptor toutes versions ant\u00e9rieures \u00e0 6.2.1","product":{"name":"FortiDeceptor","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiVoice versions 7.2.x ant\u00e9rieures \u00e0 7.2.1","product":{"name":"FortiVoice","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiAnalyzer Cloud versions ant\u00e9rieures \u00e0 7.6.5","product":{"name":"FortiAnalyzer","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSOAR Agent Communication Bridge versions ant\u00e9rieures \u00e0 1.1.1","product":{"name":"FortiSOAR","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiWeb versions ant\u00e9rieures \u00e0 7.6.7","product":{"name":"FortiWeb","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.7","product":{"name":"FortiVoice","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSIEM versions 7.4.x ant\u00e9rieures \u00e0 7.4.1","product":{"name":"FortiSIEM","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSIEM versions 7.3.x ant\u00e9rieures \u00e0 7.3.5","product":{"name":"FortiSIEM","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiWeb versions 8.0.x ant\u00e9rieures \u00e0 8.0.4","product":{"name":"FortiWeb","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiRecorder toutes versions ant\u00e9rieures \u00e0 7.2.4","product":{"name":"FortiRecorder","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiAnalyzer-BigData versions ant\u00e9rieures \u00e0 7.4.5","product":{"name":"FortiAnalyzer","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.8","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSwitchAXFixed versions 1.0.x ant\u00e9rieures \u00e0 1.0.2","product":{"name":"FortiSwitch","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiAnalyzer versions ant\u00e9rieures \u00e0 7.6.5","product":{"name":"FortiAnalyzer","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.9","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2026-30897","url":"https://www.cve.org/CVERecord?id=CVE-2026-30897"},{"name":"CVE-2025-53608","url":"https://www.cve.org/CVERecord?id=CVE-2025-53608"},{"name":"CVE-2026-24017","url":"https://www.cve.org/CVERecord?id=CVE-2026-24017"},{"name":"CVE-2025-68648","url":"https://www.cve.org/CVERecord?id=CVE-2025-68648"},{"name":"CVE-2026-24640","url":"https://www.cve.org/CVERecord?id=CVE-2026-24640"},{"name":"CVE-2026-22572","url":"https://www.cve.org/CVERecord?id=CVE-2026-22572"},{"name":"CVE-2025-48418","url":"https://www.cve.org/CVERecord?id=CVE-2025-48418"},{"name":"CVE-2025-48840","url":"https://www.cve.org/CVERecord?id=CVE-2025-48840"},{"name":"CVE-2026-24641","url":"https://www.cve.org/CVERecord?id=CVE-2026-24641"},{"name":"CVE-2026-22627","url":"https://www.cve.org/CVERecord?id=CVE-2026-22627"},{"name":"CVE-2025-55717","url":"https://www.cve.org/CVERecord?id=CVE-2025-55717"},{"name":"CVE-2026-24018","url":"https://www.cve.org/CVERecord?id=CVE-2026-24018"},{"name":"CVE-2025-54820","url":"https://www.cve.org/CVERecord?id=CVE-2025-54820"},{"name":"CVE-2025-49784","url":"https://www.cve.org/CVERecord?id=CVE-2025-49784"},{"name":"CVE-2026-22629","url":"https://www.cve.org/CVERecord?id=CVE-2026-22629"},{"name":"CVE-2025-66178","url":"https://www.cve.org/CVERecord?id=CVE-2025-66178"},{"name":"CVE-2026-25689","url":"https://www.cve.org/CVERecord?id=CVE-2026-25689"},{"name":"CVE-2026-25972","url":"https://www.cve.org/CVERecord?id=CVE-2026-25972"},{"name":"CVE-2025-54659","url":"https://www.cve.org/CVERecord?id=CVE-2025-54659"},{"name":"CVE-2025-68482","url":"https://www.cve.org/CVERecord?id=CVE-2025-68482"},{"name":"CVE-2026-22628","url":"https://www.cve.org/CVERecord?id=CVE-2026-22628"},{"name":"CVE-2026-25836","url":"https://www.cve.org/CVERecord?id=CVE-2026-25836"}],"links":[],"reference":"CERTFR-2026-AVI-0265","revisions":[{"description":"Version initiale","revision_date":"2026-03-11T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Injection SQL (SQLi)"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nConcernant la vuln\u00e9rabilit\u00e9 CVE-2025-66178, l'\u00e9diteur fournit certaines recommandations dans l'attente de la version correctrice.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet","vendor_advisories":[{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-078","url":"https://www.fortiguard.com/psirt/FG-IR-26-078"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-096","url":"https://www.fortiguard.com/psirt/FG-IR-26-096"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-098","url":"https://www.fortiguard.com/psirt/FG-IR-26-098"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-080","url":"https://www.fortiguard.com/psirt/FG-IR-26-080"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-088","url":"https://www.fortiguard.com/psirt/FG-IR-26-088"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-094","url":"https://www.fortiguard.com/psirt/FG-IR-26-094"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-092","url":"https://www.fortiguard.com/psirt/FG-IR-26-092"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-090","url":"https://www.fortiguard.com/psirt/FG-IR-26-090"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-081","url":"https://www.fortiguard.com/psirt/FG-IR-26-081"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-095","url":"https://www.fortiguard.com/psirt/FG-IR-26-095"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-093","url":"https://www.fortiguard.com/psirt/FG-IR-26-093"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-083","url":"https://www.fortiguard.com/psirt/FG-IR-26-083"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-087","url":"https://www.fortiguard.com/psirt/FG-IR-26-087"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-079","url":"https://www.fortiguard.com/psirt/FG-IR-26-079"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-086","url":"https://www.fortiguard.com/psirt/FG-IR-26-086"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-077","url":"https://www.fortiguard.com/psirt/FG-IR-26-077"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-082","url":"https://www.fortiguard.com/psirt/FG-IR-26-082"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-097","url":"https://www.fortiguard.com/psirt/FG-IR-26-097"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-085","url":"https://www.fortiguard.com/psirt/FG-IR-26-085"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-091","url":"https://www.fortiguard.com/psirt/FG-IR-26-091"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-089","url":"https://www.fortiguard.com/psirt/FG-IR-26-089"},{"published_at":"2026-03-10","title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-084","url":"https://www.fortiguard.com/psirt/FG-IR-26-084"}]}