Fortinet has issued emergency updates to address the critical FortiCloud SSO authentication bypass vulnerability, tracked as CVE-2026-24858, after momentarily deactivating FortiCloud SSO and blocking FortiCloud accounts observed in zero-day intrusions earlier this month, reports SecurityWeek.Abuse of CVE-2026-24858 could facilitate more extensive compromise for threat actors with FortiCloud account and registered device access, according to Fortinet, which confirmed the flaw to have been harnessed to target FortiGate firewalls that were patched against the critical FortiCloud SSO login bugs, tracked as CVE-2025-59718 and CVE-2025-59719. Immediate upgrades to FortiAnalyzer version 7.4.10, FortiManager version 7.4.10, and FortiOS version 7.4.11 have been recommended to prevent potential compromise. Fortinet also confirmed the inclusion of fixes in FortiAnalyzer versions 7.6.6, 7.2.12, and 7.0.16, FortiManager versions 7.6.6, 7.2.13, and 7.0.16, FortiOS versions 7.6.6, 7.2.13, and 7.0.19, and FortiProxy versions 7.6.6 and 7.4.13.Federal agencies have been ordered to address CVE-2026-24858 by Jan. 30 following the bug's inclusion to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog.
Vulnerability Management, Patch/Configuration Management
Actively exploited Fortinet FortiCloud zero-day patched

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



