CVE-2026-23708 PUBLISHED

Assigner: fortinet
Reserved: 15.01.2026 Published: 14.04.2026 Updated: 14.04.2026

A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CVSS Score: 6.7

Attack Vector	Network	Scope	Unchanged
Attack Complexity	High	Confidentiality Impact	High
Privileges Required	None	Integrity Impact	High
User Interaction	Required	Availability Impact	High

CVSS 3.1

Product Status

Vendor	Fortinet
Product	FortiSOAR PaaS
Versions	Default: unaffected affected from 7.6.0 to 7.6.3 (incl.) affected from 7.5.0 to 7.5.2 (incl.)

Vendor	Fortinet
Product	FortiSOAR on-premise
Versions	Default: unaffected affected from 7.6.0 to 7.6.3 (incl.) affected from 7.5.0 to 7.5.2 (incl.)

Solutions

Upgrade to FortiSOAR PaaS version 7.6.4 or above Upgrade to upcoming FortiSOAR PaaS version 7.5.3 or above Upgrade to FortiSOAR on-premise version 7.6.4 or above Upgrade to upcoming FortiSOAR on-premise version 7.5.3 or above

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-101

Problem Types

Escalation of privilege CWE