Description
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2.0 through 7.2.15, FortiProxy 7.0.0 through 7.0.22, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
Published: 2026-01-27
Score: 9.4 Critical
EPSS: 4.4% Low
KEV: Yes
Impact: n/a
Action: n/a
AI Analysis

Impact

An Authentication Bypass Using an Alternate Path or Channel vulnerability (CWE-288) exists in multiple Fortinet products. The flaw allows an attacker who holds a valid FortiCloud account and has a registered device to authenticate to other devices registered under different accounts when FortiCloud SSO is enabled, effectively bypassing normal authentication controls and granting full administrative access to those systems.

Affected Systems

Affected products include FortiAnalyzer (versions 7.0.0–7.6.5, 7.4.0–7.4.9, 7.2.0–7.2.11), FortiManager (7.0.0–7.6.5, 7.4.0–7.4.9, 7.2.0–7.2.11), FortiOS (7.0.0–7.6.5, 7.4.0–7.4.10, 7.2.0–7.2.12), FortiProxy (7.0.0–7.6.4, 7.4.0–7.4.12, 7.2.0–7.2.15), and FortiWeb (7.4.0–7.4.11, 7.6.0–7.6.6, 8.0.0–8.0.3).

Risk and Exploitability

The vulnerability has a CVSS score of 9.4 and an EPSS score of 4%, indicating a high severity and a moderate likelihood of exploitation. It is listed in the CISA KEV catalog, signifying that known exploits exist. Exploitation requires the attacker to have a FortiCloud account and a registered device; the attack vector is remote, relying on the FortiCloud SSO authentication path used by the affected devices. Successful exploitation grants the attacker full control over the compromised device, potentially expanding reach to other network assets.

Generated by OpenCVE AI on May 13, 2026 at 15:39 UTC.

Remediation

Vendor Solution

Upgrade to upcoming FortiOS version 8.0.0 or above Upgrade to FortiOS version 7.6.6 or above Upgrade to FortiOS version 7.4.11 or above Upgrade to FortiOS version 7.2.13 or above Upgrade to FortiOS version 7.0.19 or above Upgrade to upcoming FortiManager version 8.0.0 or above Upgrade to FortiManager version 7.6.6 or above Upgrade to FortiManager version 7.4.10 or above Upgrade to FortiManager version 7.2.12 or above Upgrade to FortiManager version 7.0.16 or above Upgrade to FortiAnalyzer version 7.6.6 or above Upgrade to FortiAnalyzer version 7.4.10 or above Upgrade to FortiAnalyzer version 7.2.12 or above Upgrade to FortiAnalyzer version 7.0.16 or above Upgrade to FortiProxy version 7.6.5 or above Upgrade to FortiProxy version 7.4.13 or above Upgrade to FortiProxy version 7.2.16 or above Upgrade to FortiProxy version 7.0.23 or above Upgrade to FortiWeb version 8.0.4 or above Upgrade to FortiWeb version 7.6.7 or above Upgrade to FortiWeb version 7.4.12 or above Upgrade to FortiNAC-F version 7.6.6 or above Upgrade to FortiSwitchManager version 7.2.9 or above Upgrade to FortiSwitchManager version 7.0.8 or above

OpenCVE Recommended Actions

  • Upgrade all Fortinet devices to the latest firmware: for FortiAnalyzer at least version 7.6.6, for FortiManager at least 7.6.6, for FortiOS at least 8.0.0, for FortiProxy at least 7.6.5, for FortiWeb at least 8.0.4, for FortiNAC‑F at least 7.6.6, and for FortiSwitchManager at least 7.2.9, as recommended by the vendor.
  • If immediate upgrade is not feasible, disable the FortiCloud SSO feature on all devices that require it, or restrict its usage to trusted accounts only.
  • Implement device registration restrictions and monitor authentication logs for suspicious SSO logins, ensuring that only authorized devices and accounts can establish SSO sessions.

Generated by OpenCVE AI on May 13, 2026 at 15:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Siemens
Siemens ruggedcom Ape1808
Siemens ruggedcom Ape1808 Firmware
CPEs cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:*
Vendors & Products Siemens
Siemens ruggedcom Ape1808
Siemens ruggedcom Ape1808 Firmware

Tue, 12 May 2026 13:30:00 +0000

Type Values Removed Values Added
References

Wed, 22 Apr 2026 04:15:00 +0000

Type Values Removed Values Added
Title Fortinet Authentication Bypass via Alternate Path Allows Unauthorized Device Access

Thu, 16 Apr 2026 07:45:00 +0000

Type Values Removed Values Added
Title Fortinet Authentication Bypass via Alternate Path Allows Unauthorized Device Access

Thu, 29 Jan 2026 10:00:00 +0000

Type Values Removed Values Added
Description An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices. An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2.0 through 7.2.15, FortiProxy 7.0.0 through 7.0.22, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

Wed, 28 Jan 2026 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

Wed, 28 Jan 2026 14:30:00 +0000

Type Values Removed Values Added
Description An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices. An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
First Time appeared Fortinet fortiproxy
Fortinet fortiweb
CPEs cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.19:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.20:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.21:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.22:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.12:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.13:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.14:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.15:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.10:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.11:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.12:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.4.9:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.6.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.6.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.6.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.6.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.6.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.10:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.11:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.4.9:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.6.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.6.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.6.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.6.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.6.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:7.6.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:8.0.3:*:*:*:*:*:*:*
Vendors & Products Fortinet fortiproxy
Fortinet fortiweb

Tue, 27 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
References

Tue, 27 Jan 2026 21:45:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2026-01-27T00:00:00+00:00', 'dueDate': '2026-01-30T00:00:00+00:00'}

Tue, 27 Jan 2026 21:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 27 Jan 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 27 Jan 2026 19:30:00 +0000

Type Values Removed Values Added
Description An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
First Time appeared Fortinet
Fortinet fortianalyzer
Fortinet fortimanager
Fortinet fortios
Weaknesses CWE-288
CPEs cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.4.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.6.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortianalyzer:7.6.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.6.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.6.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.17:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.18:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.6.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.6.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.6.5:*:*:*:*:*:*:*
Vendors & Products Fortinet
Fortinet fortianalyzer
Fortinet fortimanager
Fortinet fortios
References
Metrics cvssV3_1

{'score': 9.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C'}

Subscriptions

Fortinet Fortianalyzer Fortimanager Fortios Fortiproxy Fortiweb
Siemens Ruggedcom Ape1808 Ruggedcom Ape1808 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2026-05-12T12:08:56.335Z

Reserved: 2026-01-27T15:11:02.057Z

Link: CVE-2026-24858

cve-icon Vulnrichment

Updated: 2026-01-27T19:30:19.472Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-27T20:16:24.477

Modified: 2026-05-12T18:47:28.407

Link: CVE-2026-24858

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T15:45:43Z

Weaknesses