CVE Catalog

Actively exploited in the wild

Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability

Fortinet — Multiple Products · Listed in the CISA KEV since 2026-01-27. This indicates confirmed attacks in production environments.

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CVE-2026-24858

Severity: Critical · CVSS 9.8 · CISA KEV

Exploitation Probability (EPSS)

High risk
4.80%

90th percentile — higher than 90% of all known CVEs

Summary

In Fortinet FortiAnalyzer, FortiManager, FortiNAC-F, FortiOS, FortiProxy, and FortiWeb, there is an authentication bypass vulnerability that allows an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts if FortiCloud SSO authentication is enabled on those devices.

Risk Assessment

Because the bypass lets the holder of one FortiCloud account log into devices registered to other accounts, this vulnerability can lead to unauthorized access to those devices and the data they hold, posing a serious security threat to the affected organization.

Recommendation

It is recommended to disable FortiCloud SSO authentication on affected devices and to update them to the latest software version in order to minimize risk.

Original NVD description (English source)

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiNAC-F 7.6.3 through 7.6.5, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2.0 through 7.2.15, FortiProxy 7.0.0 through 7.0.22, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS