Warning: Fortinet patched 22 vulnerabilities in multiple products, Patch Immediately!

• Last Update: 11/03/2026

    * Affected products:
         → Multiple Fortinet Products

    * Type: Multiple types including Authentication Bypass, Heap-based Buffer Overflow & Cleartext Storage of Sensitive Information.

    * CVE/CVSS:

• CVE-2026-22627: CVSS 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
• CVE-2025-54820: CVSS 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
• CVE-2026-24017: CVSS 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
• CVE-2026-24018: CVSS 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Sources

Fortinet - https://fortiguard.fortinet.com/psirt?page=1&date=&severity=&product=&component=&version= https://fortiguard.fortinet.com/psirt?page=1&date=&severity=&product=&component=&version=

Risks

Fortinet has released security updates addressing 22 vulnerabilities, including high-severity flaws affecting FortiWeb, FortiSwitchAX, FortiManager, and FortiClientLinux. If exploited, these high-severity issues could allow remote, unauthenticated attackers to bypass authentication rate limits or execute unauthorized code and commands.

The update also resolves several medium- and low-severity vulnerabilities. These flaws pose risks ranging from data tampering and security bypasses to denial-of-service (DoS), privilege escalation, and information disclosure. At this time, Fortinet reports no evidence that any of these vulnerabilities are being actively exploited in the wild.

Description

CVE-2026-22627 (Critical - CVSS 8.8)
This vulnerability can be exploited by an attacker who has access to the same local network segment as the affected system. Because it does not require authentication and has low attack complexity, exploitation may be straightforward.

If successfully exploited, this vulnerability may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet.

CVE-2025-54820 (Critical – CVSS 8.1)
This vulnerability is remotely exploitable over the network and does not require authentication. Although the attack complexity is high, meaning specific conditions must be met, successful exploitation can have severe consequences.

An attacker who successfully exploits this vulnerability may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. The success of the attack depends on the ability to bypass the stack protection mechanisms.

CVE-2026-24017 (Critical – CVSS 8.1)
This vulnerability shares similar characteristics to CVE-2025-54820 and is also remotely exploitable without authentication.

If exploited, this vulnerability may allow a remote unauthenticated attacker to bypass the authentication rate-limit via crafted requests. The success of the attack depends on the attacker's resources and the password target complexity.

CVE-2026-24018 (High – CVSS 7.8)
This is a local privilege escalation vulnerability that requires an attacker to already have low-level access to the system. Because exploitation is considered low complexity, an attacker who gains initial access through another vector may quickly escalate privileges.

Successful exploitation may allow a local and unprivileged user to escalate their privileges to root.

Recommended Actions

Patch 
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Monitor/Detect 
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via https://ccb.belgium.be/cert/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.

References

SecurityWeek - https://www.securityweek.com/fortinet-ivanti-intel-patch-high-severity-vulnerabilities/