Fortinet patches 18 security holes
A total of 18 security notes were released by Fortinet on Wednesday night. Some of them are critical vulnerabilities.
Fortinet doesn't call it that, but it held a Patchday in April. The company released 18 security advisories for various products bundled on one day. Fortinet classifies some of them as critical risks.
Insufficient neutralization of special elements used in an operating-system command in FortiSandbox allows unauthenticated attackers to execute unauthorized code or commands via manipulated HTTP requests (CVE-2026-39808, CVSS 9.1, Risk “critical”). Additionally, malicious actors can exploit a path traversal vulnerability in FortiSandbox's JRPC API to bypass authentication with carefully crafted HTTP requests (CVE-2026-39813, CVSS 9.1, Risk “critical”). FortiSandbox versions 4.4 and 5.0 are affected; versions 4.4.9 and 5.0.6 or newer fix both vulnerabilities.
Fortinet: Highly risky security vulnerabilities also discovered
In FortiDDoS-F 7.2.1 and 7.2.2, authenticated attackers can exploit an SQL injection vulnerability to inject arbitrary SQL commands with manipulated HTTP requests (CVE-2026-39815, CVSS 7.9, Risk “high”). Version 7.2.3 and newer correct this. Unauthenticated network attackers can also trigger a heap-based buffer overflow with specially crafted requests in the oftpd daemon of FortiAnalyzer Cloud and FortiManager Cloud 7.6 and subsequently inject malicious code or arbitrary commands (CVE-2026-22828, CVSS 7.3, Risk “high”). Version 7.6.5 or newer fixes this.
FortiClient EMS insufficiently filters certain elements used in SQL commands, opening up an SQL injection vulnerability. Authenticated attackers can exploit this to issue arbitrary SQL queries with manipulated requests (CVE-2026-39809, CVSS 7.1, Risk “high”). FortiClient EMS 7.0 receives no fix and must be migrated to a supported release to close the vulnerability; versions 7.2.13 and 7.4.6 and newer patch it.
Fortinet has also closed numerous other security vulnerabilities in several products. However, the company classifies their risk as medium or low. Admins with Fortinet products in their environment should check if they are using vulnerable software versions and apply the available updates.
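The advice above boils down to comparing installed versions against the fixed releases per affected branch. The following script is an added example, not a Fortinet tool or part of the article; the fixed-version table is transcribed from the advisories summarized above, the inventory lines are constructed sample input, and for FortiDDoS-F it conservatively treats every 7.2 release below 7.2.3 as vulnerable although the article names only 7.2.1 and 7.2.2 (an assumption). It compares versions numerically per branch, so a 4.4.10 install is not mistaken for "older than 4.4.9" by string comparison, and a FortiSandbox 5.0 install is not judged against the 4.4 fix.

```python
"""Check a product inventory against the fixed releases named in the advisories above.

Added example, not Fortinet's code. FIXED_VERSIONS is transcribed from the article;
the inventory text at the bottom is constructed sample input.
"""

# Fixed release per affected branch. None means the branch gets no patched
# release and must be migrated to a supported version (FortiClient EMS 7.0).
FIXED_VERSIONS = {
    "FortiSandbox": {"4.4": "4.4.9", "5.0": "5.0.6"},
    "FortiDDoS-F": {"7.2": "7.2.3"},            # assumption: all of 7.2.x below 7.2.3
    "FortiAnalyzer Cloud": {"7.6": "7.6.5"},
    "FortiManager Cloud": {"7.6": "7.6.5"},
    "FortiClient EMS": {"7.0": None, "7.2": "7.2.13", "7.4": "7.4.6"},
}


def parse_version(text):
    """Turn '4.4.10' into (4, 4, 10) so comparisons are numeric, not lexical."""
    return tuple(int(part) for part in text.strip().split("."))


def branch_of(version):
    """Branch key ('major.minor') used to look up the right fixed release."""
    major, minor = parse_version(version)[:2]
    return f"{major}.{minor}"


def assess(product, version):
    """Return 'fixed', 'vulnerable', 'migrate' or 'not-listed' for one install."""
    branches = FIXED_VERSIONS.get(product)
    if branches is None:
        return "not-listed"                # product not in the advisory summary
    branch = branch_of(version)
    if branch not in branches:
        return "not-listed"                # branch not named as affected above
    fixed = branches[branch]
    if fixed is None:
        return "migrate"                   # no patched release for this branch
    return "fixed" if parse_version(version) >= parse_version(fixed) else "vulnerable"


def scan_inventory(text):
    """Parse 'product;version' lines (constructed format) and assess each one."""
    results = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        product, version = (field.strip() for field in line.split(";", 1))
        results.append((product, version, assess(product, version)))
    return results


def needs_action(results):
    """Only installs that are vulnerable or must be migrated require admin action."""
    return [r for r in results if r[2] in ("vulnerable", "migrate")]


# Constructed sample inventory; versions chosen to exercise the edge cases.
SAMPLE_INVENTORY = """
# product;version
FortiSandbox;4.4.8
FortiSandbox;4.4.10
FortiSandbox;5.0.6
FortiDDoS-F;7.2.2
FortiClient EMS;7.0.13
FortiClient EMS;7.4.6
FortiGate;7.4.1
"""

if __name__ == "__main__":
    for product, version, status in scan_inventory(SAMPLE_INVENTORY):
        print(f"{product:<20} {version:<8} {status}")
```

Running the script prints one status line per inventory entry; only entries reported as `vulnerable` or `migrate` need an update or migration, while `not-listed` means the product or branch is simply not among the ones named above and should be checked against Fortinet's own advisories rather than assumed safe.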
The Fortinet patch collection in March also provided software patches for 18 security vulnerabilities. However, the highest severity level at that time was “high” risk.
(dmk)