Fortinet has disclosed a critical vulnerability affecting several of its products. The company issued a public advisory on January 27 after observing the first attacks on January 23, when it disabled two malicious accounts that were exploiting the FortiCloud single sign-on (SSO) feature in FortiOS.
In December 2025, Fortinet had already issued an advisory for two earlier SSO bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719). Although patches for those flaws were available, they continued to be actively exploited.
“Recently, a small number of customers reported unexpected login activity occurring on their devices, which appeared very similar to the previous issue,” Fortinet said in a recently updated January 22 advisory.
“However, in the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the time of the attack, which suggested a new attack path.”
Fortinet has since tracked the new issue as CVE-2026-24858 and disclosed it.
“An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in FortiOS, FortiManager, FortiAnalyzer may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices,” Fortinet said in its most recent advisory.
“This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked out on 2026-01-22. In order to protect its customers from further exploit, Fortinet disabled FortiCloud SSO on FortiCloud side on 2026-01-26. It was re-enabled on 2026-01-27 and no longer supports login from devices running vulnerable versions. Consequently, customers must upgrade to the latest versions listed below for the FortiCloud SSO authentication to function.”
CVE-2026-24858 is a critical security flaw that has been recognized and cataloged by CISA.
| Version | Affected | Solution |
|---|---|---|
| FortiAnalyzer 7.6 | 7.6.0 through 7.6.5 | Upgrade to upcoming 7.6.6 or above |
| FortiAnalyzer 7.4 | 7.4.0 through 7.4.9 | Upgrade to 7.4.10 or above |
| FortiAnalyzer 7.2 | 7.2.0 through 7.2.11 | Upgrade to upcoming 7.2.12 or above |
| FortiAnalyzer 7.0 | 7.0.0 through 7.0.15 | Upgrade to upcoming 7.0.16 or above |
| FortiAnalyzer 6.4 | Not affected | Not Applicable |
| FortiManager 7.6 | 7.6.0 through 7.6.5 | Upgrade to upcoming 7.6.6 or above |
| FortiManager 7.4 | 7.4.0 through 7.4.9 | Upgrade to 7.4.10 or above |
| FortiManager 7.2 | 7.2.0 through 7.2.11 | Upgrade to upcoming 7.2.13 or above |
| FortiManager 7.0 | 7.0.0 through 7.0.15 | Upgrade to upcoming 7.0.16 or above |
| FortiManager 6.4 | Not affected | Not Applicable |
| FortiOS 7.6 | 7.6.0 through 7.6.5 | Upgrade to upcoming 7.6.6 or above |
| FortiOS 7.4 | 7.4.0 through 7.4.10 | Upgrade to 7.4.11 or above |
| FortiOS 7.2 | 7.2.0 through 7.2.12 | Upgrade to upcoming 7.2.13 or above |
| FortiOS 7.0 | 7.0.0 through 7.0.18 | Upgrade to upcoming 7.0.19 or above |
| FortiOS 6.4 | Not affected | Not Applicable |
| FortiProxy 7.6 | 7.6.0 through 7.6.4 | Upgrade to upcoming 7.6.6 or above |
| FortiProxy 7.4 | 7.4.0 through 7.4.12 | Upgrade to upcoming 7.4.13 or above |
| FortiProxy 7.2 | 7.2 all versions | Migrate to a fixed release |
| FortiProxy 7.0 | 7.0 all versions | Migrate to a fixed release |
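As an added example (not from the article or from Fortinet), the following Python check maps a product and version string against the affected ranges in the table above, so an inventory export can be screened for devices that still need the CVE-2026-24858 upgrade. It assumes plain `major.minor.patch` version strings as shown in the table; "upcoming" releases are treated as the target version without tracking whether they have shipped yet.

```python
import re

# Affected ranges copied from the advisory table above, keyed by
# (product, (major, minor)) -> (last affected patch level, first fixed version).
# A last affected patch of None means every version of that branch is affected
# and the table gives no in-branch fix ("Migrate to a fixed release").
AFFECTED = {
    ("FortiAnalyzer", (7, 6)): (5, "7.6.6"),
    ("FortiAnalyzer", (7, 4)): (9, "7.4.10"),
    ("FortiAnalyzer", (7, 2)): (11, "7.2.12"),
    ("FortiAnalyzer", (7, 0)): (15, "7.0.16"),
    ("FortiManager", (7, 6)): (5, "7.6.6"),
    ("FortiManager", (7, 4)): (9, "7.4.10"),
    ("FortiManager", (7, 2)): (11, "7.2.13"),
    ("FortiManager", (7, 0)): (15, "7.0.16"),
    ("FortiOS", (7, 6)): (5, "7.6.6"),
    ("FortiOS", (7, 4)): (10, "7.4.11"),
    ("FortiOS", (7, 2)): (12, "7.2.13"),
    ("FortiOS", (7, 0)): (18, "7.0.19"),
    ("FortiProxy", (7, 6)): (4, "7.6.6"),
    ("FortiProxy", (7, 4)): (12, "7.4.13"),
    ("FortiProxy", (7, 2)): (None, None),
    ("FortiProxy", (7, 0)): (None, None),
}

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)$")


def assess(product: str, version: str) -> dict:
    """Return whether product/version falls in an affected range from the
    table and the remediation the table prescribes for that branch."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    entry = AFFECTED.get((product, (major, minor)))
    if entry is None:
        # Branch not listed as affected (e.g. 6.4) or product not in the table.
        return {"affected": False, "action": "not listed as affected"}
    last_bad, fixed = entry
    if last_bad is None:
        return {"affected": True, "action": "migrate to a fixed release"}
    # Compare patch levels numerically: "7.4.10" is newer than "7.4.9".
    if patch <= last_bad:
        return {"affected": True, "action": f"upgrade to {fixed} or above"}
    return {"affected": False, "action": "at or above the fixed version"}
```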