Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...
The flaw, tracked as CVE-2026-24858, allows an attacker with a registered device and a FortiCloud account to access devices ...
The Register on MSN
Fortinet unearths another critical bug as SSO accounts borked post-patch
More work for admins on the cards as they await a full dump of fixes Things aren't over yet for Fortinet customers – the ...
Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by CISA in KEV.
CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.
Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via ...
The cybersecurity company pointed out that the fresh campaign resembles December 2025 attacks targeting CVE-2025-59718 and CVE-2025-59719, two critical-severity defects impacting the FortiCloud SSO ...
Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.
CVE-2026-24858 affects dozens of Fortinet products and has already been added to CISA’s list of known exploited ...
Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results