⚠ Actively exploited
Added to CISA KEV on 2026-01-27. Federal agencies required to patch by 2026-01-30. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..

CVE-2026-24858

CWE-28813 documents10 sources
Severity
9.8CRITICAL
EPSS
2.3%
top 15.38%
CISA KEV
KEV
Added 2026-01-27
Due 2026-01-30
Exploit
No known exploits
Affected products
5
Fortinet FortianalyzerFortinet FortimanagerFortinet Fortios+2 more
Timeline
PublishedJan 27
KEV addedJan 27
KEV dueJan 30
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages10 packages

NVDfortinet/fortios7.4.07.4.11+3
NVDfortinet/fortimanager7.4.07.4.10+3
NVDfortinet/fortianalyzer7.4.07.4.10+3
CVEListV5fortinet/fortios7.6.07.6.5+3
CVEListV5fortinet/fortiproxy7.6.07.6.4+3

🔴Vulnerability Details

3
GHSA
GHSA-2x38-48vp-w23x: An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 72026-01-27
CVEList
CVE-2026-24858: An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 72026-01-27
VulnCheck
Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability2026

🔍Detection Rules

4
Elastic
FortiGate Administrator Account Creation from Unusual Source
Elastic
FortiGate Overly Permissive Firewall Policy Created
Elastic
FortiGate FortiCloud SSO Login from Unusual Source
Elastic
FortiGate Configuration File Downloaded

📋Vendor Advisories

2
Fortinet
Administrative FortiCloud SSO authentication bypass2026-01-27
CISA
Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability2026-01-27

🕵️Threat Intelligence

2
Bleepingcomputer
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready2026-01-27
Wiz
CVE-2026-24858 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-24858 (CRITICAL CVSS 9.8) | An Authentication Bypass Using an A | cvebase.io