EUVD-2026-22329
GHSA-6p3p-h3vc-6rh5
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionNVD
A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity.
AnalysisAI
Authentication bypass in Fortinet FortiSOAR allows unauthenticated remote attackers to circumvent two-factor authentication (2FA) protections via replay attacks against intercepted authentication tokens. Affects both PaaS and on-premise deployments of FortiSOAR versions 7.5.0-7.5.2 and 7.6.0-7.6.3. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Identify all FortiSOAR instances in use and document versions and deployment type (PaaS or on-premise); implement network segmentation to restrict access to FortiSOAR management interfaces to trusted security personnel only. Within 7 days: Contact Fortinet support for fixed version availability timeline; plan upgrade testing in isolated environment. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today