CVE-2026-24858 - Geek Feed

Security
Tech News

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

January 31, 2026January 31, 2026 geekfeed0Tagged 0day, Actively Exploited, Authentication Bypass, CVE-2026-24858, FortiCloud, Fortinet, SSO, Zero-Day

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. The flaw allows attackers to abuse FortiCloud SSO to gain administrative access to FortiOS, FortiManager, and FortiAnalyzer devices registered […]

4 mins read