Topic: cve-2026-24858
-
Fortinet Mitigates Critical FortiCloud SSO Zero-Day Before Patch
A critical authentication bypass flaw (CVE-2026-24858) in Fortinet's FortiCloud SSO was actively exploited, allowing attackers to gain administrative control over devices, even fully patched ones, by creating rogue accounts. Fortinet responded by globally disabling and then restricting FortiCloud...
Read More » -
Fortinet Patches Critical FortiCloud SSO Zero-Day Under Attack
Fortinet has patched a critical zero-day vulnerability (CVE-2026-24858) that allowed attackers to bypass authentication and gain unauthorized administrative access to firewalls and other security appliances. The flaw specifically affected systems with the FortiCloud Single Sign-On feature enabled...
Read More »