
CVE-2026-24858

CVSS 9.4 · Critical · KEV · EPSS 6.20% · P91

I. Basic Information for CVE-2026-24858

Vulnerability Information


Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An Authentication Bypass Using an Alternate Path or Channel [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2.0 through 7.2.15, FortiProxy 7.0.0 through 7.0.22, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
Authentication Bypass Using an Alternate Path or Channel
Source: NVD (National Vulnerability Database)
Vulnerability Title
Security vulnerability in multiple Fortinet products
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Fortinet FortiOS and the other listed products are products of the US company Fortinet. Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Multiple Fortinet products contain a security vulnerability that stems from an authentication bypass using an alternate path or channel, which may allow an attacker to log into devices registered to other accounts. The following products and versions are affected: FortiAnalyzer 7.6.0 through 7.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)


Affected Products

Vendor   | Product       | Affected Versions | CPE
Fortinet | FortiOS       | 7.6.0 ~ 7.6.5     | cpe:2.3:o:fortinet:fortios:7.6.5:*:*:*:*:*:*:*
Fortinet | FortiManager  | 7.6.0 ~ 7.6.5     | cpe:2.3:o:fortinet:fortimanager:7.6.5:*:*:*:*:*:*:*
Fortinet | FortiAnalyzer | 7.6.0 ~ 7.6.5     | cpe:2.3:o:fortinet:fortianalyzer:7.6.5:*:*:*:*:*:*:*
Fortinet | FortiProxy    | 7.6.0 ~ 7.6.4     | cpe:2.3:a:fortinet:fortiproxy:7.6.4:*:*:*:*:*:*:*
Fortinet | FortiWeb      | 8.0.0 ~ 8.0.3     | cpe:2.3:a:fortinet:fortiweb:8.0.3:*:*:*:*:*:*:*

II. Public POCs for CVE-2026-24858

# | POC Description | Source Link
1 | Still seems to be a zero-day; will be published or analyzed gradually.... | https://github.com/m0d0ri205/CVE-2026-24858
2 | CVE-2026-24858 FortiCloud Single Sign On (SSO), a factory-default enabled feature once you register any FortiGate/FortiManager/FortiAnalyzer, contains a critical authentication bypass flaw. | https://github.com/absholi7ly/CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass
3 | A Proof-of-Concept demonstrating the application of 3D Navier-Stokes CTT formulations to packet flow optimization and defensive bypass. | https://github.com/SimoesCTT/-CTT-NSP-Convergent-Time-Theory---Network-Stack-Projection-CVE-2026-24858-
4 | While Fortinet's January 27, 2026 mitigation for **CVE-2026-24858** focuses on blocking specific accounts like `cloud-noc@mail.io`, it fails to address the **Temporal Vulnerability** of the SAML state machine. | https://github.com/SimoesCTT/SCTT-2026-33-0004-FortiCloud-SSO-Identity-Singularity
5 | CVE-2026-24858 - Administrative FortiCloud SSO authentication bypass | https://github.com/gagaltotal/cve-2026-24858
