Newly disclosed vulnerability Common Vulnerabilities and Exposures (CVE)-2026-24858 [Common Weakness Enumeration (CWE)-288: Authentication Bypass Using an Alternate Path or Channel] allows malicious actors with a FortiCloud account and a registered device to log in to separate devices registered to other users in FortiOS, FortiManager, FortiWeb, FortiProxy, and FortiAnalyzer, if FortiCloud single sign on (SSO) is enabled on devices.
Users are vulnerable to CVE-2026-24858 even if they updated Fortinet devices to address previously disclosed FortiCloud SSO bypass vulnerabilities CVE-2025-59718 and CVE-2025-59719 [CWE-347: Improper Verification of Cryptographic Signature]. CVE-2025-59718 and CVE-2025-59719 affect FortiOS, FortiWeb, FortiProxy, and FortiSwitch Manager, and allow malicious actors to bypass the SSO login authentication via a crafted Security Assertion Markup Language (SAML) message.
Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Zyxel Releases Advisory for Exploited Vulnerability CVE-2024-11667
December 2, 2024
Zyxel has released a security advisory addressing recent targeting of its firewall products. Attackers have been observed exploiting vulnerabilities patched in September (see Cyber Alert CC-4541) and a previously undisclosed high severity vulnerability. CVE-2024-11667 is a path traversal vulnerability and has a CVSSv3 score of 7.5. If exploited, an attacker could download or upload files via ...
- SonicWall Releases Security Updates for SMA100 NetExtender for Windows (CVE-2024-29014)
November 27, 2024
SonicWall has released a security update addressing a vulnerability in the Windows (32 and 64-bit) versions of SonicWall SMA100 NetExtender. SMA100 NetExtender is a virtual private network (VPN) client. This vulnerability tracked as CVE-2024-29014, may allow an attacker to execute arbitrary code when processing an EPC Client update. CVE-2024-29014 was originally assigned a CVSSv3 score of ...
- Update now – Apple confirms vulnerabilities are already being exploited
November 20, 2024
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. The updates for iOS and Intel-based Mac systems are especially important, as they tackle vulnerabilities that are being actively exploited by cybercriminals. You should make sure you update as soon as you can. To check if you’re using ...
- Sitting Duck Cyber Attacks – Warning Issued As Websites Targeted
November 20, 2024
A cybersecurity threat known as a sitting duck exploit is thought to be putting more than one million websites at risk of attack, according to threat intelligence analysts. The fact that the attack methodology remains underreported could be the reason why Infoblox security researchers called the discovery of multiple hackers using the vulnerability across widespread cyber ...
- Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated)
November 20, 2024
Palo Alto Networks and Unit 42 are engaged in tracking a limited set of exploitation activity related to CVE-2024-0012 and and CVE-2024-9474 and are working with external researchers, partners, and customers to share information transparently and rapidly. Fixes for both vulnerabilities are available. Please refer to the Palo Alto Networks Security Advisories (CVE-2024-0012, CVE-2024-9474) for additional details. ...
- Palo Alto Networks Releases Critical Security Advisory for PAN-OS
November 18, 2024
Palo Alto Networks has issued a critical severity security advisory for an authentication bypass vulnerability, known as CVE-2024-0012, affecting the PAN-OS management web interface. CVE-2024-0012 has a CVSSv4 score of 9.3 when access is allowed to the management interface from external IP addresses on the internet. However, if access is restricted to a jump box that ...