Today, CISA announced that it had added an authentication bypass using an alternate path or channel vulnerability in multiple FortiGuard products. FortiGuard reported the vulnerability today, after internal reporting on efforts to contain exploits of the vulnerability in their FortiCloud product starting on January 22nd, 2026.
CISA has told federal agencies operating the affected FortiGuard
products to apply mitigations per vendor instructions, follow applicable BOD
22-01 guidance for cloud services, or discontinue use of the product if
mitigations are unavailable. A deadline of January 30th, 2026 has
been set.
Posts
No comments:
Post a Comment