Threat Advisory

Fortinet FortiAuthenticator Vulnerability Exposes RCE

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: Critical
[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in Fortinet's FortiAuthenticator and FortiSandbox products. Affected products and versions include FortiAuthenticator 6.5.7, 6.6.9, and 8.0.3, as well as all supported versions of FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS. These vulnerabilities are primarily remote code execution flaws, which can be exploited by unauthenticated attackers to execute unauthorized code and commands. This poses a significant business risk, as successful exploitation can give attackers a much larger head start than a flaw in an ordinary application. Companies using these products should be aware of the potential consequences of exploitation, including unauthorized access to sensitive data and systems.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in Fortinet's FortiAuthenticator and FortiSandbox products. Affected products and versions include FortiAuthenticator 6.5.7, 6.6.9, and 8.0.3, as well as all supported versions of FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS. These vulnerabilities are primarily remote code execution flaws, which can be exploited by unauthenticated attackers to execute unauthorized code and commands. This poses a significant business risk, as successful exploitation can give attackers a much larger head start than a flaw in an ordinary application. Companies using these products should be aware of the potential consequences of exploitation, including unauthorized access to sensitive data and systems.[emaillocker id="1283"]

  • CVE-2026-44277 with a CVSS score of 9.1 – This vulnerability is an improper access control issue that allows unauthenticated attackers to execute unauthorized code and commands by sending specifically crafted requests. This can result in arbitrary code execution and potentially lead to significant business disruption.
  • CVE-2026-26083 with a CVSS score of 9.1 – This vulnerability is a missing authorization issue that also allows unauthenticated attackers to execute arbitrary code and commands via HTTP requests. This can result in unauthorized access to sensitive systems and data.

Exploitation of these vulnerabilities could lead to significant business disruption and potential data breaches. Companies should prioritize patching and upgrading affected products to minimize the risk of exploitation. The urgency of this situation should not be underestimated, as successful exploitation can have far-reaching consequences for businesses.

RECOMMENDATION:

  • We recommend you to update FortiAuthenticator to version 6.5.7, FortiAuthenticator to version 6.6.9, or FortiAuthenticator to version 8.0.3 depending on the release you're using. We recommend you to update FortiSandbox to version 4.4.9 or FortiSandbox to version 5.0.2, depending on release.

REFERENCES:

The following reports contain further technical details:
https://www.csoonline.com/article/4170993/fortinet-fixes-two-critical-rce-flaws-in-fortiauthenticator-and-fortisandbox.html

[/emaillocker]
crossmenu