CVE advisoryKnown Exploit
CVE-2026-24858
Fortinet devices can be improperly accessed by attackers if FortiCloud SSO is enabled
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Fortinet devices with FortiCloud SSO enabled allow attackers to bypass security and access other accounts' devices. This is critical because it grants unauthorized access to network management and security functions.