Fortinet Patches Exploited Critical Authentication Bypass in FortiCloud SSO

Fortinet has fixed a critical authentication vulnerability in FortiCloud SSO, tracked as CVE-2026-24858. This flaw allowed attackers to bypass authentication and access devices registered under other FortiCloud accounts. The vulnerability was exploited before the patch was released. No additional details about the attacks or their scope have been provided. The source specifies that the flaw specifically affected FortiCloud's SSO mechanism.