CVE‑2026‑24858 is an authentication bypass vulnerability that allows an unauthenticated attacker with a FortiCloud account and a registered device to log into other devices registered to different accounts—provided FortiCloud SSO authentication is enabled on those devices. Attackers could then create local administrative accounts, exfiltrate configuration data, and maintain persistent access to compromised systems.
Software-Defined Wide Area Networking (SD-WAN) receives continuous performance boosts. Recent updates offer better application identification, automated steering for cloud applications (like Microsoft 365 and Zoom), and seamless orchestration with FortiSASE for remote workers. 4. Simplified Management and Hybrid Mesh Firewalling latest fortigate firmware