FORTINET Security Advisory

Published Date: November 18, 2025 (Revised May 27, 2026)

Advisory Summary

⚠️ Improper Privilege Management Vulnerability in Fortinet Infrastructure ⚠️

Fortinet has identified a low-severity security vulnerability (CVSSv3 score: 1.8) affecting FortiOS, FortiProxy, and FortiPAM products. This Improper Privilege Management issue (CWE-269) enables an authenticated administrator to circumvent the trusted host policy by executing specially crafted CLI commands.

This bypass could potentially allow an unauthorized extension of access within trusted environments, which underscores the importance of strict privilege and access management controls in Fortinet’s infrastructure components. Enterprises using these Fortinet platforms should promptly review and apply any recommended patches or mitigations issued in the latest advisory, updated on May 27, 2026.

Staying vigilant about such privilege bypass vulnerabilities is critical to maintaining a robust security posture in network infrastructure.

Reference: Vendor Advisory