CVE-2026-44279

Summary

An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to disclose information via an exported Content Provider URI.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiTokenAndroid6.2.0affected
FortinetFortiTokenAndroid6.1.0affected
FortinetFortiTokenAndroid5.2.0 <= 5.2.2affected

Weaknesses

  • CWE-926: Improper access control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References