CVE-2026-24858CRITICAL · 9.8TrackedCISA KEV

Fortinet · Multiple Products

Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path or channel that could allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

Disclosed

2026-01-27

133 days ago

Status

no honeypot capture yet

on CISA KEV — watching

7-day events

across 0 distinct IPs

7-day spread

0 ASN · 0 cty

0 active days

Top ASNs

No events captured yet.

Top countries

No events captured yet.

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-060
https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios
https://nvd.nist.gov/vuln/detail/CVE-2026-24858

↗ NVD ↗ CISA KEV ↗ Search analyses