{"cve_id":"CVE-2026-24858","summary":"An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2.0 through 7.2.15, FortiProxy 7.0.0 through 7.0.22, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"epss":0.01784,"ranking_epss":0.82674,"kev":true,"propose_action":"Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path or channel that could allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those 
devices.","ransomware_campaign":"Unknown","references":["https://fortiguard.fortinet.com/psirt/FG-IR-26-060","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-24858","https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios"],"published_time":"2026-01-27T20:16:24"}