CVE-2026-23708

Summary

A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiSOAR PaaS7.6.0 <= 7.6.3affected
FortinetFortiSOAR PaaS7.5.0 <= 7.5.2affected
FortinetFortiSOAR on-premise7.6.0 <= 7.6.3affected
FortinetFortiSOAR on-premise7.5.0 <= 7.5.2affected

Weaknesses

  • CWE-287: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References