CVE-2026-23708
Authentication Bypass via 2FA Replay in Fortinet FortiSOAR
Publication date: 2026-04-14
Last updated on: 2026-05-06
Assigner: Fortinet, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fortinet | fortisoar | From 7.5.0 (inc) to 7.5.3 (exc) |
| fortinet | fortisoar | From 7.6.0 (inc) to 7.6.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper authentication issue in Fortinet FortiSOAR PaaS and on-premise versions 7.5.0 through 7.6.3. It allows an unauthenticated attacker to bypass the authentication process by replaying a captured two-factor authentication (2FA) request.
To exploit this vulnerability, the attacker must be able to intercept and decrypt the authentication traffic and then replay the 2FA request with precise timing before the token expires. This makes the attack complex to perform.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker to bypass authentication controls without valid credentials, potentially gaining unauthorized access to the FortiSOAR system.
Such unauthorized access could lead to compromise of confidentiality, integrity, and availability of the system and its data, as indicated by the CVSS score which rates the impact on confidentiality, integrity, and availability as high.