High Severity Vulnerabilities in Fortinet Products

Background

Fortinet has released a security advisory addressing multiple vulnerabilities across its core enterprise products. The vulnerabilities include authentication bypass and buffer overflow flaws that may enable remote attackers to execute arbitrary commands or escalate privileges.

Impact

Successful exploitation of these vulnerabilities could allow:

• CVE-2026-22627: An unauthenticated attacker within the same adjacent network to execute unauthorised code or commands on the device by sending a crafted Link Layer Discovery Protocol (LLDP) packet.

• CVE-2026-24017: A remote unauthenticated attacker to bypass the authentication rate-limit via crafted requests.

• CVE-2025-54820: A remote unauthenticated attacker to execute unauthorised commands via crafted requests, if the service is enabled.

• CVE-2026-24018: A local and unprivileged user to escalate their privileges to root.

Affected Products

The following product versions are affected by the vulnerabilities.

For CVE-2026-22627:

• FortiSwitchAXFixed 1.0.0 through 1.0.1

For CVE-2026-24017:

• FortiWeb 8.0.0 through 8.0.2

• FortiWeb 7.6.0 through 7.6.5

• FortiWeb 7.4.0 through 7.4.10

• FortiWeb 7.2.0 through 7.2.11

• FortiWeb 7.0.0 through 7.0.11

For CVE-2025-54820:

• FortiManager 7.4.0 through 7.4.2

• FortiManager 7.2.0 through 7.2.10

• FortiManager 6.4 all versions

For CVE-2026-24018:

• FortiClientLinux 7.4.0 through 7.4.4

• FortiClientLinux 7.2.2 through 7.2.12

Recommendations

Users and administrators of affected product versions are advised to update to the latest versions immediately. 

References

https://cybersecuritynews.com/fortinet-security-update-march/

https://fortiguard.fortinet.com/psirt?filter=1&version=&keyword=

https://nvd.nist.gov/vuln/detail/CVE-2026-22627

https://nvd.nist.gov/vuln/detail/CVE-2026-24017

https://nvd.nist.gov/vuln/detail/CVE-2025-54820

https://nvd.nist.gov/vuln/detail/CVE-2026-24018