Newly disclosed vulnerability Common Vulnerabilities and Exposures (CVE)-2026-24858 [Common Weakness Enumeration (CWE)-288: Authentication Bypass Using an Alternate Path or Channel] allows malicious actors with a FortiCloud account and a registered device to log in to separate devices registered to other users in FortiOS, FortiManager, FortiWeb, FortiProxy, and FortiAnalyzer, if FortiCloud single sign on (SSO) is enabled on devices.
Users are vulnerable to CVE-2026-24858 even if they updated Fortinet devices to address previously disclosed FortiCloud SSO bypass vulnerabilities CVE-2025-59718 and CVE-2025-59719 [CWE-347: Improper Verification of Cryptographic Signature]. CVE-2025-59718 and CVE-2025-59719 affect FortiOS, FortiWeb, FortiProxy, and FortiSwitch Manager, and allow malicious actors to bypass the SSO login authentication via a crafted Security Assertion Markup Language (SAML) message.
Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Amazon Confirms Employee Data Was Exposed Through MOVEit Breach
November 12, 2024
In a significant development that underscores the lasting impact of 2023’s MOVEit vulnerability, Amazon has confirmed that employee data was compromised through a third-party property management vendor. The breach, revealed by a threat actor known as “Nam3L3ss,” exposes the continuing ripple effects of one of last year’s most devastating supply chain attacks. The compromise stems from ...
- New Google Chrome Warning As ‘No 0-Day’ Drive-By Cyber Attack Confirmed
November 12, 2024
The cost of zero-day exploits has always been high, especially if they allow an attacker to remotely execute code on a host machine. But why pay hundreds of thousands of dollars for an 0-day when a relatively simple drive-by attack doesn’t need one and can achieve much the same result? That’s what interested an Imperva security ...
- Critical CyberPanel Vulnerability (CVE-2024-51378): How to Stay Protected
November 7, 2024
The SonicWall Capture Labs threat research team became aware of CVE-2024-51378, assessed its impact and developed mitigation measures for the vulnerability. CVE-2024-51378 is a critical vulnerability with a CVSS score of 9.8 in CyberPanel versions 2.3.6 and 2.3.7 that allows unauthenticated remote code execution (RCE). Threat actors, including the PSAUX ransomware group, have been reported exploiting ...
- Cisco Releases Security Advisories for Multiple Products
November 7, 2024
Cisco has released 15 security advisories addressing multiple vulnerabilities, including one critical and two high severity vulnerabilities affecting various products. The critical vulnerability affects Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point, a software that uses wireless backhaul technology to connect appliances. The vulnerability enables command injection, which could allow an attacker to ...
- Update your Android: Google patches two zero-day vulnerabilities
November 6, 2024
Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone shows patch level 2024-11-05 or later then the issues discussed below have been fixed. The updates have been made available for Android 12, ...
- CVE-2024-9379: Ivanti Cloud Service Appliance Authenticated SQL Injection
November 1, 2024
The SonicWall Capture Labs threat research team became aware of an authenticated SQL injection vulnerability affecting Ivanti Cloud Service Appliances (CSA). Identified as CVE-2024-9379 and with a moderate score of 6.5 CVSSv3, the vulnerability is more severe than it initially appears due to reported exploitation attempts. Recently, in its October security update, Ivanti announced, “We are ...