Authentication Lockout Bypass via Race Condition — FG-IR-26-079
ID: FG-IR-26-079
Date:
Activity:
Source: Fortinet
Vendor: Fortinet
Threat: medium
CVSS: 3.4
Summary
CVSSv3 Score: 3.4
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiManager and FortiAnalyzer may allow an attacker to bypass brute-force protections via exploitation of race conditions.
Revised on 2026-03-10 00:00:00
Product
Fortinet
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.