Auth Bypass via FGFM Path in FortiOS 6.4 and FortiProxy 7.4/7.2 (CVE-2024-26009)
CVE-2024-26009 Published on August 12, 2025
An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number.
Vulnerability Analysis
CVE-2024-26009 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Authentication Bypass Using an Alternate Path or Channel
A product requires authentication, but the product has an alternate path or channel that does not require authentication.
Products Associated with CVE-2024-26009
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-26009 are published in these products:
Affected Versions
Fortinet FortiPAM:- Version 1.2.0 is affected.
- Version 1.1.0, <= 1.1.2 is affected.
- Version 1.0.0, <= 1.0.3 is affected.
- Version 7.2.0, <= 7.2.3 is affected.
- Version 7.0.0, <= 7.0.3 is affected.
- Version 7.4.0, <= 7.4.2 is affected.
- Version 7.2.0, <= 7.2.8 is affected.
- Version 7.0.0, <= 7.0.15 is affected.
- Version 6.4.0, <= 6.4.15 is affected.
- Version 6.2.0, <= 6.2.16 is affected.
- Version 6.0.0, <= 6.0.18 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.