FORTINET Security Advisory
Published Date: May 12, 2026
Advisory Summary
Fortinet has disclosed a high-severity security flaw (CVSSv3 score 8.3) affecting the CAPWAP daemon in FortiOS. This Out-Of-Bounds Write vulnerability (CWE-787) potentially enables an attacker who already controls an authenticated FortiAP, FortiExtender, or FortiSwitch device to escalate privileges and execute arbitrary code on the associated FortiGate firewall. Given that FortiGate is a core component in many enterprise network infrastructures, this vulnerability poses significant risks of unauthorized access and control over critical network security functions.
IT security teams and infrastructure managers utilizing Fortinet wireless access points, extenders, and switches must prioritize validating the device authentication chain and apply the latest FortiOS patches promptly to mitigate exploitation risks. This flaw underscores the importance of comprehensive device security in multi-component network environments, as an attacker’s foothold in peripheral devices can jeopardize primary security platforms.
Ensure your Fortinet deployments are monitored for unusual activity, and review Fortinet’s advisory for detailed remediation guidance.
🔗
Reference: Vendor Advisory