v7.0 has passed its End of Engineering Support date (EoES) of 2024-03-30 and will soon be approaching End of Support (EoS) as of 2025-09-30. At the same time, Fortinet only has FIPS-CC Certified/CVE-Patched firmware available for v7.0, as work is still ongoing to have builds for v7.2 and v7.4 certified for FIPS-CC and FIPS 140-3 (see also: NIST Cryptographic Module Validation Program - Modules In Process list).

Important Update (2025-10-10):

• Fortinet has released a pre-release/candidate build for FortiOS 7.2 FIPS-CC and has made it available for download on the Fortinet Support Site. The firmware may be found under the following firmware download section: /FortiGate/v7.00/7.2/FIPS-CC-Certification-Pending/7.2.8-FIPS-CC/FIPS-Candidate
• Users currently running the latest FortiOS FIPS-CC 7.0 CVE-Patched build (FIPS-CC-70-21) can upgrade directly to the latest 7.2 FIPS-CC candidate build (FIPS-CC-72-5, at the time of this writing), with no additional upgrade path required.
• Please note that FortiOS 7.2 has not yet completed full certification and is still pending final review by NIST. Fully review the ReadMe file in the firmware download folders before installing the firmware in production environments.  The original article regarding FortiOS 7.0 FIPS-CC continues below:

Fortinet is providing Extended Support specifically for the v7.0 FIPS-CC specialty firmware branch, which includes the original Certified firmware (FIPS-CC-70-6) as well as the subsequent CVE-Patched builds, such as FIPS-CC-70-21 and similar.

The following are the key conditions for this Extended Support:

• Fortinet TAC will continue to offer technical support for clients using the FortiOS v7.0 FIPS-CC specialty firmware, but there will not be extended support for regular v7.0 GA firmware (in the GA case, administrators must upgrade their firmware to a supported release ahead of the EoS date).
• The Fortinet development team will be specifically providing vulnerability patch support for high- and critical-severity CVEs applicable to v7.0 FIPS for at least the next 12 months, but there will not be any extended support for non-CVE related bug fixes.
• Regarding FortiGate Cloud and its enforcement of EoS dates for FortiGate firmware (see also: Requirements):
  • For no-subscription clients, FortiGate Cloud waives the EoS enforcement for FortiGates running in FIPS-CC mode (both for GA firmware as well as the specialty FIPS-CC Certified/CVE-Patched firmware), so users of v7.0 FIPS-CC will retain the ability to integrate with FortiGate Cloud.
  • For subscription clients, EoS enforcement is automatically waived (i.e., subscription users may use any firmware branch regardless of EoS date as long as it is still supported by FortiGate Cloud in general).

For further inquiries on the matter, reach out to a regional Fortinet Sales Engineer or contacts within the Fortinet Account team. At the time of this writing, support will currently be extended beyond the v7.0 EoS date by at least 12 months (September 2026).

Related article:
Technical Tip: How to enable FIPS-CC mode