Fortinet Blocks Exploited FortiCloud SSO Zero-Day
Fortinet is blocking an exploited FortiCloud single sign-on (SSO) vulnerability while it works to develop and release a permanent fix. The company confirmed that threat actors have already exploited the zero-day flaw, tracked as CVE-2026-24858, which allows authentication bypass in FortiCloud SSO. In response, Fortinet has disabled SSO connections from devices running affected firmware, aiming to contain the attacks before it issues a software patch.
The cybersecurity firm did not provide a timeline for the patch but urged customers to remain alert. Fortinet’s interim mitigation is meant to prevent further compromise, and the company has committed to delivering an update as soon as possible. Users running vulnerable firmware should monitor advisory channels closely so they can apply the fix immediately upon release. The incident underscores the critical role of swift detection and response in modern network defense.
Read the full report at:
https://www.bleepingcomputer.com/news/security/fortinet-blocks-exploited-forticloud-sso-zero-day-until-patch-is-ready/
