THREAT SENTINEL
Back to Dashboard
VulnerabilitiesCritical

Fortinet FortiOS SSO Authentication Bypass (CVE-2026-24858) Actively Exploited

Friday, March 27, 2026
Global
https://thehackernews.com/2026/01/fortinet-patches-cve-2026-24858-after.html

Summary

Authentication bypass in FortiOS SSO actively exploited. Attackers create local admin accounts, modify VPN configurations, and exfiltrate firewall configs. Added to CISA KEV catalog.

Threat Analysis

Authentication bypass in FortiOS SSO actively exploited. Attackers create local admin accounts, modify VPN configurations, and exfiltrate firewall configs. Added to CISA KEV catalog.

**Associated CVEs:** CVE-2026-24858

**Source:** https://thehackernews.com/2026/01/fortinet-patches-cve-2026-24858-after.html

**Recommended Actions:** - Apply security patches immediately if available - Monitor for indicators of compromise - Review and update security configurations - Implement network segmentation where applicable

Last updated: Mar 27, 2026, 11:44 AM

Daily Intelligence

Stay Ahead of Threats

Subscribe to receive daily threat briefings delivered to your inbox. Be the first to know about emerging security risks.

No spamUnsubscribe anytimeDaily at 9 AM