CVE-2026-24858

Published Jan 27, 2026

Last updated 16 hours ago

Exploit known CVSS critical 9.8

Overview

Description: An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
Source: psirt@fortinet.com
NVD status: Analyzed
Products: fortianalyzer, fortimanager, fortiproxy, fortiweb, fortios

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Known exploits

Data from CISA

Vulnerability name: Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability
Exploit added on: Jan 27, 2026
Exploit action due: Jan 30, 2026
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

psirt@fortinet.com: CWE-288

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2B61F1F-19A9-4BA6-B12A-ECA95C5634A3",
            "versionEndIncluding": "7.0.15",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D467D1D8-1BCF-4A88-8EEE-0D8092C3AE9C",
            "versionEndIncluding": "7.2.11",
            "versionStartIncluding": "7.2.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD96750D-104E-4DAE-A19E-8C92E85429F4",
            "versionEndExcluding": "7.4.10",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00645EEE-3E67-4B98-BB49-B23AD1D60B54",
            "versionEndExcluding": "7.6.5",
            "versionStartIncluding": "7.6.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "651E452B-3C1D-4738-BDFF-7234B19C63F7",
            "versionEndIncluding": "7.0.15",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36D9D75F-B292-4651-8BF0-20AFE2C016C4",
            "versionEndIncluding": "7.2.11",
            "versionStartIncluding": "7.2.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AF70FA9-34D3-4ADF-B87C-A9C31D4DC174",
            "versionEndExcluding": "7.4.10",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B0EB08A-E673-4D58-B7DF-C56F161E7A5D",
            "versionEndIncluding": "7.6.5",
            "versionStartIncluding": "7.6.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AD4234F-1891-4122-97D2-6FA99998AD4B",
            "versionEndIncluding": "7.4.12",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A26D8D81-00EE-4A11-B693-DE85B912F267",
            "versionEndIncluding": "7.6.4",
            "versionStartIncluding": "7.6.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64C16483-DF84-43AA-B5D4-FA8939E4F387",
            "versionEndIncluding": "7.4.11",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B40750AD-AE67-42C3-89A5-E64F3D7F0431",
            "versionEndIncluding": "7.6.6",
            "versionStartIncluding": "7.6.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDCDD451-D984-4EC9-AB30-42D553FF0BD7",
            "versionEndIncluding": "8.0.3",
            "versionStartIncluding": "8.0.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A0CDFB7-0B78-4B3E-9E19-34E5F2479271",
            "versionEndIncluding": "7.0.18",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25DF0315-DF9C-4C51-9902-ED607B049152",
            "versionEndIncluding": "7.2.12",
            "versionStartIncluding": "7.2.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ADAF67E-132B-4810-8919-38AC80BF59F5",
            "versionEndExcluding": "7.4.11",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CF61FE2-6518-4437-A385-6E4E431112E5",
            "versionEndIncluding": "7.6.5",
            "versionStartIncluding": "7.6.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Known exploits

Weaknesses

Social media

Configurations

References