[Security Vulnerability Alert] Fortinet's FortiCloud SSO has a critical security vulnerability (CVE-2026-24858).

2026/1/29 ~ 2026/7/29

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202601-00000025

[Content Description]
Fortinet has released a critical security advisory (CVE-2026-24858, CVSS 9.8) for FortiCloud SSO. The flaw is an authentication bypass: an attacker who holds a FortiCloud account with registered devices can log in to devices registered to other accounts. Note: Fortinet has observed attackers exploiting this vulnerability in the wild and recommends applying temporary mitigation measures immediately to prevent attacks that exploit it.

[Affected Platforms]
FortiAnalyzer versions 7.6.0 to 7.6.5
FortiAnalyzer versions 7.4.0 to 7.4.9
FortiAnalyzer versions 7.2.0 to 7.2.11
FortiAnalyzer versions 7.0.0 to 7.0.15
FortiManager versions 7.6.0 to 7.6.5
FortiManager versions 7.4.0 to 7.4.9
FortiManager versions 7.2.0 to 7.2.11
FortiManager versions 7.0.0 to 7.0.15
FortiOS versions 7.6.0 to 7.6.5
FortiOS versions 7.4.0 to 7.4.10
FortiOS versions 7.2.0 to 7.2.12
FortiOS versions 7.0.0 to 7.0.18
FortiProxy versions 7.6.0 to 7.6.4
FortiProxy versions 7.4.0 to 7.4.12
All versions of FortiProxy 7.2
All versions of FortiProxy 7.0

[Recommended Action]
Please update to the following versions:
FortiAnalyzer 7.6.6 and later
FortiAnalyzer 7.4.10 and later
FortiAnalyzer 7.2.12 and later
FortiAnalyzer 7.0.16 and later
FortiManager 7.6.6 and later
FortiManager 7.4.10 and later
FortiManager 7.2.13 and later
FortiManager 7.0.16 and later
FortiOS 7.6.6 and later
FortiOS 7.4.11 and later
FortiOS 7.2.13 and later
FortiOS 7.0.19 and later
FortiProxy 7.6.6 and later
FortiProxy 7.4.13 and later

Note: No fixed release is listed for FortiProxy 7.2 or FortiProxy 7.0; devices on those branches should be migrated to a fixed release.
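To turn the affected and fixed version lists above into a check that can be run against a device inventory, here is an added example (not part of this advisory and not Fortinet or TWCERT tooling). The version ranges are transcribed from the lists above; the inventory rows and hostnames are constructed sample data.

```python
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

def parse(v: str) -> Version:
    """'7.4.10' -> (7, 4, 10); tuple comparison avoids the '7.4.10' < '7.4.2' string trap."""
    major, minor, patch = (int(x) for x in v.strip().split("."))
    return (major, minor, patch)

# (first affected, last affected, fixed release) transcribed from the advisory above.
# last affected None = whole branch affected; fix None = no fixed release, migrate.
AFFECTED = {
    "FortiAnalyzer": [("7.6.0", "7.6.5", "7.6.6"), ("7.4.0", "7.4.9", "7.4.10"),
                      ("7.2.0", "7.2.11", "7.2.12"), ("7.0.0", "7.0.15", "7.0.16")],
    "FortiManager":  [("7.6.0", "7.6.5", "7.6.6"), ("7.4.0", "7.4.9", "7.4.10"),
                      ("7.2.0", "7.2.11", "7.2.13"), ("7.0.0", "7.0.15", "7.0.16")],
    "FortiOS":       [("7.6.0", "7.6.5", "7.6.6"), ("7.4.0", "7.4.10", "7.4.11"),
                      ("7.2.0", "7.2.12", "7.2.13"), ("7.0.0", "7.0.18", "7.0.19")],
    "FortiProxy":    [("7.6.0", "7.6.4", "7.6.6"), ("7.4.0", "7.4.12", "7.4.13"),
                      ("7.2.0", None, None), ("7.0.0", None, None)],
}

def check(product: str, version: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_release): 'affected', 'migrate' or 'not_listed'."""
    v = parse(version)
    for lo, hi, fix in AFFECTED[product]:
        lo_v = parse(lo)
        hit = v[:2] == lo_v[:2] if hi is None else lo_v <= v <= parse(hi)
        if hit:
            return ("affected", fix) if fix else ("migrate", None)
    return ("not_listed", None)  # not in any listed range (includes fixed releases)

# Constructed sample inventory (hostname, product, running version), not real hosts.
INVENTORY = [
    ("fw-edge-01", "FortiOS", "7.4.2"),
    ("fw-edge-02", "FortiOS", "7.6.6"),
    ("proxy-01", "FortiProxy", "7.2.9"),
    ("faz-01", "FortiAnalyzer", "7.0.15"),
]

def audit(inventory) -> List[Tuple[str, str]]:
    """Return only the hosts needing action, with the recommended step."""
    findings = []
    for host, product, version in inventory:
        status, fix = check(product, version)
        if status == "affected":
            findings.append((host, f"upgrade {product} {version} to {fix}"))
        elif status == "migrate":
            findings.append((host, f"{product} {version}: no fix for this branch, migrate to a fixed release"))
    return findings

if __name__ == "__main__":
    for host, action in audit(INVENTORY):
        print(f"{host}: {action}")
```

Versions outside every listed range (such as the fixed releases themselves) are reported as not listed rather than as safe, since the advisory says nothing about them.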

[References]
1. https://www.twcert.org.tw/tw/cp-169-10678-e5cd4-1.html
