Lucene search
K

Vulnerabilities fixed in Fortinet FortiManager and FortiAnalyzer

šŸ—“ļøĀ 11 Mar 2026Ā 09:19:38Reported byĀ NCSCTypeĀ 
ncsc
Ā ncsc
šŸ”—Ā advisories.ncsc.nlšŸ‘Ā 8Ā Views

Fortinet fixed FortiAnalyzer and FortiManager flaws, including stack overflow and certificate validation issues; updates released.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-22629
10 Mar 202616:44
–attackerkb
ATTACKERKB
CVE-2026-22572
10 Mar 202616:44
–attackerkb
ATTACKERKB
CVE-2025-68648
10 Mar 202616:44
–attackerkb
BDU FSTEC
The vulnerability of the fgtupdates service in the Fortinet FortiManager device management software allows a hacker to bypass existing security mechanisms.
11 Mar 202600:00
–bdu_fstec
BDU FSTEC
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, stems from the presence of undocumented configuration commands. This allows a malicious actor to circumvent security restrictions and gain unauthorized access to protected information.
13 Mar 202600:00
–bdu_fstec
BDU FSTEC
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, stems from errors in the certificate validation process. These errors allow attackers to gain unauthorized access to protected information and perform MITM (Man-In-The-Middle) attacks.
17 Mar 202600:00
–bdu_fstec
BDU FSTEC
The vulnerability of the software for centralized device management of Fortinet’s FortiManager and FortiManager Cloud, as well as the security event monitoring and analysis tools Fortinet’s FortiAnalyzer and FortiAnalyzer Cloud, stems from the use of uncontrolled format strings, allowing a perpetrator to execute arbitrary code.
17 Mar 202600:00
–bdu_fstec
BDU FSTEC
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, lies in their susceptibility to being bypassed by an alternative authentication method or channel. This allows attackers to circumvent the multi-factor authentication checks.
17 Mar 202600:00
–bdu_fstec
BDU FSTEC
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, stems from insufficient restrictions on authentication attempts. This allows a malicious actor to circumvent existing security restrictions.
17 Mar 202600:00
–bdu_fstec
BDU FSTEC
The vulnerability of the FortiAnalyzer and FortiAnalyzer-BigData software tools for monitoring and analyzing security events arises from the lack of protective measures for the SQL query structure. This allows attackers to execute arbitrary code.
14 Apr 202600:00
–bdu_fstec
Rows per page

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

11 Mar 2026 09:19Current
6.3Medium risk
Vulners AI Score6.3
CVSS 3.17.2 - 8.1
EPSS0.0087
SSVC
8