Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
India Halts WhatsApp Usernames Rollout Due to Fraud Concerns
July 1, 2026
Critical Cursor IDE RCE Vulnerabilities Allow Zero-Click Prompt Injection
July 1, 2026
Automated Password Spray Attacks Target Microsoft Azure CLI
July 1, 2026
Home/CyberSecurity News/Fortinet Patches Critical RCE in FortiAP, High Vulns in FortiOS
CyberSecurity News

Fortinet Patches Critical RCE in FortiAP, High Vulns in FortiOS

Key Takeaways Fortinet has released patches for five vulnerabilities impacting its enterprise security products. The most critical flaw, CVE-2026-26083, affects FortiSandbox and allows...

Jennifer sherman
Jennifer sherman
May 12, 2026 3 Min Read
42 0

Key Takeaways

  • Fortinet has released patches for five vulnerabilities impacting its enterprise security products.
  • The most critical flaw, CVE-2026-26083, affects FortiSandbox and allows unauthenticated remote access to sensitive data.
  • Other vulnerabilities include command injections in FortiAP, a DoS risk in FortiAnalyzer and FortiManager, and an out-of-bounds write in FortiOS.
  • Organizations should immediately apply patches, especially for the critical FortiSandbox vulnerability.

Fortinet has issued a series of security advisories on May 12, 2026, addressing five distinct vulnerabilities across several of its key product lines. These include wireless access point controllers, network operating systems, and enterprise management platforms. Among the released patches is a critical fix for an unauthenticated authorization bypass discovered in FortiSandbox.

Table Of Content

  • Key Takeaways
  • Critical Flaw in FortiSandbox
  • Dual CLI Command Injection in FortiAP
  • DoS Risk in FortiAnalyzer and FortiManager API
  • Out-of-Bounds Write in FortiOS CAPWAP Daemon
  • Vulnerability Summary
  • What You Should Do

Critical Flaw in FortiSandbox

The most significant vulnerability identified is CVE-2026-26083 (FG-IR-26-136), a critical missing authorization flaw (CWE-862). This vulnerability affects FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS. With a Critical severity rating, this flaw is accessible via the graphical user interface (GUI) and, crucially, requires no authentication. This means a remote attacker could potentially gain unauthorized access to restricted functionalities or sensitive sandbox analysis data without needing any credentials.

The affected versions span FortiSandbox 5.0 and 4.4, FortiSandbox Cloud 24, 23, and 5.0, and FortiSandbox PaaS versions from 22.1 through 23.4. Due to its unauthenticated nature, this vulnerability represents the highest priority for immediate patching.

Dual CLI Command Injection in FortiAP

Fortinet also disclosed two separate operating system command injection vulnerabilities impacting the firmware of its wireless access points.

CVE-2025-53680 (FG-IR-26-131) involves the improper neutralization of special elements in OS commands (CWE-78) within the FortiAP command-line interface (CLI). This affects FortiAP 6.4 through 7.6, FortiAP-U 6.2 and 7.0, and FortiAP-W2 7.0 through 7.4.

A second, independent CLI injection flaw, CVE-2025-53870 (FG-IR-26-133), affects FortiAP 6.4 through 7.6 and FortiAP-W2 7.0 through 7.4. Both vulnerabilities are rated Medium severity and necessitate authenticated internal access. However, successful exploitation could enable an attacker with CLI access to execute arbitrary OS-level commands on the affected access point hardware.

DoS Risk in FortiAnalyzer and FortiManager API

CVE-2025-67604 (FG-IR-26-137) highlights a use of a potentially dangerous function (CWE-676) within the API layer of both FortiAnalyzer and FortiManager. Rated Medium, this vulnerability impacts FortiAnalyzer and FortiManager versions 7.0 through 8.0 across both product lines. An authenticated internal attacker could exploit this flaw via the API to trigger a denial-of-service condition, potentially disrupting crucial centralized log analysis and network management operations within enterprise Security Operations Centers (SOCs).

Out-of-Bounds Write in FortiOS CAPWAP Daemon

CVE-2025-53844 (FG-IR-26-123) is an out-of-bounds write vulnerability (CWE-787) found in the CAPWAP (Control and Provisioning of Wireless Access Points) daemon of FortiOS. This flaw affects FortiOS versions 7.2, 7.4, and 7.6. An attacker who controls an access point endpoint could send malformed CAPWAP traffic to potentially crash or compromise the FortiOS process. The attack vector is described as “Others/Internal/Authenticated,” suggesting that the exploit requires an existing foothold within a trusted network segment or a rogue AP scenario.

Vulnerability Summary

CVE Product Severity Vector Auth Required
CVE-2026-26083 FortiSandbox / Cloud / PaaS Critical GUI No
CVE-2025-53680 FortiAP, FortiAP-U, FortiAP-W2 Medium CLI Yes
CVE-2025-53870 FortiAP, FortiAP-W2 Medium CLI Yes
CVE-2025-67604 FortiAnalyzer, FortiManager Medium API Yes
CVE-2025-53844 FortiOS Medium CAPWAP Yes

What You Should Do

  • Prioritize CVE-2026-26083: Organizations utilizing FortiSandbox, FortiSandbox Cloud, or FortiSandbox PaaS must apply the patch for CVE-2026-26083 immediately due to its Critical severity and unauthenticated attack vector.
  • Schedule Patches for Medium Severity Flaws: For the remaining medium-severity vulnerabilities affecting FortiAP, FortiAnalyzer, FortiManager, and FortiOS, security teams should plan to apply available patches during their next scheduled maintenance window.
  • Restrict Access: Ensure that CLI and API access to Fortinet devices is strictly limited to authorized and trusted administrators.
  • Monitor Network Traffic: Implement vigilant monitoring of internal network traffic for any anomalous CAPWAP or API activity that could indicate attempted exploitation.
  • Consult Fortinet Advisories: Refer to Fortinet’s official PSIRT advisory page for detailed patch version information and any potential workarounds.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityVulnerability

Share Article

Jennifer sherman

Jennifer sherman

Jennifer is a cybersecurity news reporter covering data breaches, ransomware campaigns, and dark web markets. With a background in incident response, Jennifer provides unique insights into how organizations respond to cyber attacks and the evolving tactics of threat actors. Her reporting has covered major breaches affecting millions of users and has helped organizations understand emerging threats. Jennifer combines technical knowledge with investigative journalism to deliver in-depth coverage of cybersecurity incidents.

Previous Post

MSSPs Leverage Live Threat Visibility for Proactive Incident Prevention

Next Post

Critical Fortinet FortiSandbox RCE flaw CVE-2023-34981 patched

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Fluentd Vulnerabilities Allow Remote Code Execution
July 1, 2026
Weaponized Google Ads Install Malicious Claude Code to Hijack macOS
July 1, 2026
Critical Adobe ColdFusion Vulnerabilities Let Attackers Run Code
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us