Technical Tip: Assets and Identities: FortiGuard IoT/OT Detected Vulnerabilities shows 'OT vulnerabilities are not shown as FortiGuard OT License is inactive' even with full Operational Technology (OT) Security Service license

pachavez · ‎03-03-2025

Description

This article describes how to fix the warning message under Dashboard -> Assets & Identities -> Asset View -> View the 'Vulnerabilities' column, when the tooltip displays 'OT Vulnerabilities are not shown as FortiGuard OT license is inactive', but the FortiGate has a full Operational Technology (OT) Security Service license.

Scope

FortiGate.

Solution

Check the Operational Technology (OT) Security Service license.

From GUI:

Navigate to System -> FortiGuard.

GUI OT updated.png

From CLI:

get sys fortiguard-service status
diagnose autoupdate versions | grep OT -A7

Check that the user store can see those entries with IoT Vulnerability data.

From CLI:

diagnose user-device-store iot-ot-vuln list [In 7.4 or above]

diagnose user-device-store iot-vuln list [In 7.2]

From GUI:

When checking on Dashboard -> Assets & Identities -> Asset View -> View the 'Vulnerabilities' column, the warning message appears 'OT Vulnerabilities are not shown as FortiGuard OT license is inactive'.

OT warning message.jpg

This is a cosmetic issue on the GUI and does not affect the functionality of the device.

Affected Versions: v7.4.7, v7.6.1.

Solution:

The fix will be included in v7.4.8 and v7.6.3.

Technical Tip: Assets and Identities: FortiGuard IoT/OT Detected Vulnerabilities shows 'OT vulnerabilities are not shown as FortiGuard OT License is inactive' even with full Operational Technology (OT) Security Service license

You are leaving our website