
Fortinet Confirms Actively Exploited Critical Authentication Bypass Zero-Day in FortiCloud SSO
Fortinet has confirmed a critical authentication bypass vulnerability in FortiCloud SSO, tracked as CVE-2026-24858, which is currently being actively exploited. The flaw affects devices running vulnerable firmware versions. To mitigate ongoing attacks, Fortinet has blocked FortiCloud SSO connections from these devices. No patch release date has been specified. The vulnerability is classified as a zero-day at the time of confirmation.