Skip to main content
MaeIstrom
MaeIstrom
New Member
April 1, 2026
Question

No security patches without a subscription?

  • April 1, 2026
  • 1 reply
  • 343 views

So we finally pulled out the fortiwifi 40f that's been causing so much grief and replaced it with a consumer router that actually works and before binning the fortiwifi decided to factory reset, upgrade to latest firmware and see if a fortigate device can actually do something useful. First thing I noticed was it's now claiming to be on the 'Latest' update v7.0.12 and furthermore it won't do any firmware updates without a paid subscription (which is odd because it was running without a subscription prior to the resel and was always complaining about needing updates).

Now since it is April Fools day I just wanted to clarify I'm not imagining this or misunderstanding something.  Fortigate sells devices chock-full of security holes and withholds the fixes unless you pay in perpetuity for a subscription? Really? Or did the factory reset update to the latest stable version of the 7.0 branch and is merely refusing to update the major version? Which would be slightly more reasonable albeit still unprecedented compared to any other device with updateable firmware.  I'm not trying to be controversial here I am genuinely trying to understand why anyone, anywhere has ever purchased a fortigate device what am I missing?

1 reply

funkylicious
SuperUser
funkylicious
SuperUser
April 1, 2026

The download of firmware i guess you are trying from the support portal, if so - yes, w/o an active license support license for that model/device you cannot download anymore.

Also from the GUI, 

https://docs.fortinet.com/document/fortigate/7.4.0/new-features/299518/prevent-fortigates-with-an-expired-support-contract-from-upgrading-to-a-major-or-minor-firmware-release

https://docs.fortinet.com/document/fortigate/7.4.0/new-features/107956/prevent-firmware-upgrade-depending-on-the-current-firmware-licenses-expiration-date-7-4-2 

"jack of all trades, master of none"
MaeIstrom
MaeIstromAuthor
New Member
April 7, 2026

Where else would one download the firmware from? From what I can gather despite reaching EOL in September last year this device could feasibly run 7.0.19 but you would need a paid license to actually download it so my original thesis appears correct. Fortinet sells exploitable network devices and doesn't make patches available. This suggests the answer to my final question is the only reason anyone would actually pay for a fortinet is they're a low iq corporate drone and that searching for an archive of fortinet firmware is unlikely to bear fruit because setting up an internet resource is probably far beyond the capabilities of the userbase.

funkylicious
SuperUser
funkylicious
SuperUser
April 7, 2026

i get your frustration but at the same time i would also consider all the benefits that Fortinet had over its competitors in regards to its products over the years, free of charge.

Other competitors dont/didnt allow you to download firmware for products w/ expired support either, but Fortinet did so until recently.

Same goes for 'unlimited' ( limited by the HW ) VPN user seats on the FGTs and download of FortiClient VPN Only, where you need also licenses to buy from other vendors.

So, if you are a company you should have active support to ensure RMA or other tech assistance, and therefore benefit from downloading firmware and keeping the device on a non-exploitable version.

"jack of all trades, master of none"
Terms & ConditionsAccessibility statement