FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Solution This is a False Alarms: FortiOS DNS query service in proxy mode will simply forward DNS queries to the target DNS server; thus the real vulnerabilities are at the target DNS servers. FortiOS is not using ISC BIND 3rd party software.
To verify/validate, change FortiOS DNS server settings to non-recursive mode:
#config system dns-server edit [interface] set mode non-recursive next end
and re-apply the scanning, these ISC BIND related vulnerabilties should not show up anymore.