FortiSOAR Software Fails to Properly Verify Two-Factor Authentication

CVE-2026-23708
Summary

A security issue in certain versions of FortiSOAR software allows an attacker who can intercept and replay two-factor authentication requests to gain unauthorized access. This requires the attacker to have the ability to intercept and decrypt authentication traffic, which limits the risk. Affected users should update to the latest version of FortiSOAR to prevent this type of attack.

Original title
An improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 thro...
Original description
An improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication by replaying a captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity.
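To make the replay condition concrete, the following is an added example (hypothetical code, not FortiSOAR's own) contrasting a 2FA verifier that checks only integrity and expiry, which accepts a captured request again within its lifetime, with one that also enforces single use and session binding. The secret, the 30-second TTL and all names are assumptions.

```python
import hashlib
import hmac
import secrets

SECRET = b"constructed-server-secret"   # constructed value, not a real key
TOKEN_TTL = 30                           # assumed challenge lifetime in seconds

def _mac(session_id, nonce, expires):
    """HMAC over the challenge fields, so the request cannot be forged."""
    msg = f"{session_id}|{nonce}|{expires}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def issue_challenge(session_id, now):
    """Server side: create a 2FA request bound to one login session."""
    nonce = secrets.token_hex(16)
    expires = int(now) + TOKEN_TTL
    return {"session_id": session_id, "nonce": nonce,
            "expires": expires, "mac": _mac(session_id, nonce, expires)}

def _well_formed(req, now):
    """Integrity and expiry only: true for the original AND any replay."""
    expected = _mac(req["session_id"], req["nonce"], req["expires"])
    return hmac.compare_digest(expected, req["mac"]) and now < req["expires"]

class WeakVerifier:
    """Accepts every well-formed, unexpired request: replayable within TTL."""
    def verify(self, req, now, session_id):
        # session_id is ignored here; that omission is part of the weakness
        return _well_formed(req, now)

class HardenedVerifier:
    """Each nonce is consumed on first use and must match the caller's session."""
    def __init__(self):
        self._used = {}  # nonce -> expiry; entries are pruned once expired

    def verify(self, req, now, session_id):
        self._used = {n: e for n, e in self._used.items() if e > now}
        if req["session_id"] != session_id:   # captured from another session
            return False
        if req["nonce"] in self._used:         # replay inside the expiry window
            return False
        if not _well_formed(req, now):
            return False
        self._used[req["nonce"]] = req["expires"]
        return True
```

The weak verifier returns True for the same request twice; the hardened one returns True once and rejects every later presentation, a different session, or an expired challenge.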
NVD CVSS 3.1 score: 7.5
Vulnerability type
CWE-287 Improper Authentication
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026