Impact
Fortinet FortiAnalyzer and FortiManager contain an improper restriction of excessive authentication attempts (CWE-307) that can be bypassed through a race condition. The built-in brute-force protection is meant to cap the number of credential guesses against an account, but an attacker who can issue many authentication requests concurrently can slip additional guesses past that cap, so the protection no longer bounds the number of attempts. A successful guess gives the attacker the privileges of the targeted administrative or user account; for an administrator account that means full control of the appliance and, from there, a foothold for lateral movement across the network. Exploitation is complex because the attacker has to win a timing race rather than simply send requests, but the outcome of a won race is account takeover.
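The general shape of a lockout counter that a race condition can bypass, next to an atomic version, as an added illustration. This is hypothetical example code, not Fortinet's code, and it is not a description of how the affected products implement their lockout; the names `RacyLockout`, `AtomicLockout`, `burst`, `correct_password_after_burst`, the `MAX_FAILURES` threshold and the single demo account are assumptions made for the example, and the credential check is constructed. The driver parks every concurrent request between the lockout check and the counter update so the race is reproduced deterministically rather than left to thread scheduling.

```python
import threading
from collections import defaultdict

MAX_FAILURES = 5  # assumed lockout threshold for the example


def verify_password(user, password):
    """Constructed credential store: one demo account."""
    return user == "admin" and password == "correct horse battery staple"


def _hold(sync):
    """Demo-only synchronisation point: park the caller until every concurrent
    request has reached it. The timeout breaks the barrier when some requests
    never arrive (because the hardened limiter rejected them early)."""
    if sync is None:
        return
    try:
        sync.wait(timeout=0.5)
    except threading.BrokenBarrierError:
        pass


class RacyLockout:
    """Vulnerable pattern (hypothetical): the lockout check and the failure
    count update are separate steps with no mutual exclusion. Concurrent
    wrong guesses all read a stale counter, all pass the check, and are
    each evaluated against the real password."""

    def __init__(self):
        self.failures = defaultdict(int)

    def attempt(self, user, password, sync=None):
        if self.failures[user] >= MAX_FAILURES:   # step 1: check the counter
            return "locked"
        _hold(sync)                               # the window the race exploits
        if verify_password(user, password):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1                  # step 2: non-atomic update
        return "denied"


class AtomicLockout:
    """Hardened pattern: one critical section both checks the counter and
    charges the attempt before the password is verified, so at most
    MAX_FAILURES guesses are ever evaluated, however many arrive at once."""

    def __init__(self):
        self.failures = defaultdict(int)
        self._lock = threading.Lock()

    def attempt(self, user, password, sync=None):
        with self._lock:
            if self.failures[user] >= MAX_FAILURES:
                return "locked"
            self.failures[user] += 1              # reserve the slot up front
        _hold(sync)
        if verify_password(user, password):
            with self._lock:
                self.failures[user] = 0           # success clears the counter
            return "ok"
        return "denied"


def burst(limiter, user, n):
    """Fire n wrong guesses at once and return how many were actually
    evaluated against the password, i.e. got past the lockout check."""
    barrier = threading.Barrier(n)
    results = [None] * n

    def worker(i):
        results[i] = limiter.attempt(user, f"wrong-{i}", sync=barrier)

    threads = [threading.Thread(target=worker, args=(i,)) for i in range(n)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results.count("denied")


def correct_password_after_burst(limiter_cls, n):
    """Result of a legitimate login after n concurrent wrong guesses."""
    limiter = limiter_cls()
    burst(limiter, "admin", n)
    return limiter.attempt("admin", "correct horse battery staple")


if __name__ == "__main__":
    print("racy limiter evaluated", burst(RacyLockout(), "admin", 20), "of 20 guesses")
    print("atomic limiter evaluated", burst(AtomicLockout(), "admin", 20), "of 20 guesses")
```

With twenty concurrent wrong guesses the racy limiter evaluates all twenty against the password, while the atomic limiter evaluates only `MAX_FAILURES` of them and rejects the rest. The design choice that matters is charging the attempt inside the same critical section as the check; a limiter that checks first and updates afterwards, however short the gap, is the pattern a race bypasses. The hardened version also shows the usual trade-off: after the burst the legitimate user is locked out too, which is why lockout counters are normally paired with a cooldown or a reset on successful authentication.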
Affected Systems
The vulnerability affects FortiAnalyzer and FortiAnalyzer Cloud versions 6.4 through 7.6.4 (including the 7.4, 7.2, 7.0 and 6.4 branches of FortiAnalyzer Cloud), and FortiManager and FortiManager Cloud versions 6.4 through 7.6.4. The fix is in 7.6.5 and later and in the 8.0.0 line, and moving to either of those eliminates the issue for every affected firmware line. Check the running build on each appliance and cloud tenant, and treat anything on an affected line that has not been moved to 7.6.5 or later or to 8.0.0 as exposed.
Risk and Exploitability
The CVSS score of 3.4 (low severity) and an EPSS score below 1% both point to a low likelihood of exploitation, and the vulnerability is not in the CISA Known Exploited Vulnerabilities catalog, so there is no public evidence of active exploitation. The low score reflects the difficulty of the attack rather than its outcome: the attacker needs to reach the authentication service and must win a timing race, which makes practical exploitation hard but not impossible. Because a won race ends in account takeover, administrators should weigh the impact rather than the score, prioritize the upgrade, and in the meantime keep management interfaces reachable only from trusted networks and watch for bursts of concurrent failed logins against the same account.
OpenCVE Enrichment