FoysalAhamed
New Member
February 2, 2026
Question

Administrative FortiCloud SSO authentication bypass CVE ID: CVE-2026-24858


As per FortiGuard Advisory FG-IR-26-060 (https://www.fortiguard.com/psirt/FG-IR-26-060), we are planning an emergency upgrade to remediate CVE-2026-24858 (Critical SSO Authentication Bypass).

The upgrade would be FortiOS to 7.4.11 or 7.6.6, both of which are newly released. Has anyone upgraded to either FortiOS version and found any problems?

1 reply

kaman
Staff
February 2, 2026

Hi FoysalAhamed,

To prevent being affected by this vulnerability on vulnerable versions, please turn off the FortiCloud login feature (if enabled) temporarily until upgrading to a non-affected version.


Please refer to the Release Notes before upgrading:

https://docs.fortinet.com/document/fortigate/7.4.11/fortios-release-notes/236526/known-issues

https://docs.fortinet.com/document/fortigate/7.6.6/fortios-release-notes/236526


Regards,
Aman
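
One way to audit configuration backups for the mitigation in the reply above, as an added example that is not part of the thread or Fortinet's own tooling. It assumes the FortiOS option `admin-forticloud-sso-login` under `config system global`, the `#config-version=` backup header, that a backup without the option leaves it disabled, and that builds below 7.4.11 or 7.6.6 in those branches still need the upgrade; the function names and the sample backup are constructed.

```python
import re

# Fixed releases named in this thread, keyed by branch (other branches: see the advisory).
FIXED = {(7, 4): (7, 4, 11), (7, 6): (7, 6, 6)}

# Constructed sample backup, not taken from a real device.
SAMPLE = """#config-version=FGT60F-7.4.8-FW-build0000-000000:opmode=0:vdom=0:user=admin
config system global
    set admin-forticloud-sso-login enable
    set hostname "edge-fw-01"
end
"""

def parse_version(text):
    """FortiOS version from the '#config-version=' header, or None if absent."""
    m = re.search(r"^#config-version=\S*?-(\d+)\.(\d+)\.(\d+)-", text, re.M)
    return tuple(int(x) for x in m.groups()) if m else None

def sso_login_enabled(text):
    """True only if 'config system global' explicitly sets the option to enable."""
    depth = 0  # 0 = outside 'config system global', 1 = directly inside it
    for raw in text.splitlines():
        line = raw.strip()
        if depth == 0:
            depth = 1 if line == "config system global" else 0
        elif line.startswith("config "):
            depth += 1
        elif line == "end":
            depth -= 1
            if depth == 0:
                return False  # block closed without the option (assumed: disabled)
        elif depth == 1:
            m = re.match(r'set admin-forticloud-sso-login "?(\w+)"?$', line)
            if m:
                return m.group(1) == "enable"
    return False

def assess(text):
    """Classify one backup: version, SSO login state, and the action to take."""
    version, enabled = parse_version(text), sso_login_enabled(text)
    fixed = FIXED.get(version[:2]) if version else None
    if fixed is None:
        status = "check-advisory"          # branch not named in the thread
    elif version >= fixed:
        status = "fixed-release"
    else:
        status = "disable-sso-and-upgrade" if enabled else "upgrade"
    return {"version": version, "sso_login": enabled, "status": status}

if __name__ == "__main__":
    print(assess(SAMPLE))
```

A backup only reflects the device at the time it was taken, so re-export after changing the setting or upgrading before relying on the result.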