Improper Auth. in FortiSOAR 7.57.6.3 via 2FA Replay
CVE-2026-23708 Published on April 14, 2026
An improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, and FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication by replaying a captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic, and precise timing to replay the request before token expiration, which raises the attack complexity.
Vulnerability Analysis
CVE-2026-23708 is exploitable with network access and requires user interaction. This vulnerability is considered to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
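The replay condition described above, illustrated with an added example that is not code from FortiSOAR or Fortinet and does not reflect how FortiSOAR implements 2FA: a TOTP verifier that only checks that a code is valid for the current time step accepts a captured code a second time within that step, while one that records each accepted (user, step) pair refuses the replay even though the token has not yet expired. The secret, user name and timestamps are constructed.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # constructed; a real deployment uses a per-user enrolment secret
STEP = 30  # seconds per TOTP time step (RFC 6238 default)


def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """RFC 6238 TOTP: HMAC-SHA1 over the time-step counter, then dynamic truncation."""
    counter = int(now // STEP)
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF) % (10 ** digits)
    return f"{code:0{digits}d}"


class NaiveVerifier:
    """Only checks that the code is valid for the current step: a captured request replays cleanly."""

    def verify(self, user: str, code: str, now: float) -> bool:
        return hmac.compare_digest(code, totp(SECRET, now))


class ReplaySafeVerifier:
    """Same check, but each (user, time step) is consumed once, so a replay inside the
    validity window is refused; consumed entries are dropped once their step has expired."""

    def __init__(self) -> None:
        self._consumed: dict[tuple[str, int], float] = {}

    def verify(self, user: str, code: str, now: float) -> bool:
        counter = int(now // STEP)
        # Prune expired entries so the table stays bounded.
        self._consumed = {k: t for k, t in self._consumed.items() if now - t < 2 * STEP}
        if not hmac.compare_digest(code, totp(SECRET, now)):
            return False
        if (user, counter) in self._consumed:
            return False  # same code presented again within its step: treat as replay
        self._consumed[(user, counter)] = now
        return True


def demo() -> tuple[bool, bool, bool, bool]:
    """(naive first use, naive replay, safe first use, safe replay) for one captured code."""
    t0 = 1_700_000_000.0  # constructed timestamp; t0 + 5 lies in the same 30 s step
    captured = totp(SECRET, t0)  # the code an eavesdropper would have seen on the wire
    naive, safe = NaiveVerifier(), ReplaySafeVerifier()
    return (naive.verify("alice", captured, t0), naive.verify("alice", captured, t0 + 5),
            safe.verify("alice", captured, t0), safe.verify("alice", captured, t0 + 5))
```

Single-use tracking addresses replay only; it does not remove the need for transport protection against the interception the description mentions.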
Weakness Type
What is an authentication vulnerability?
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
CVE-2026-23708 has been classified as an authentication vulnerability or weakness.
Products Associated with CVE-2026-23708
Affected Versions
Fortinet FortiSOAR PaaS:
- Versions 7.6.0 through 7.6.3 are affected.
- Versions 7.5.0 through 7.5.2 are affected.

Fortinet FortiSOAR on-premise:
- Versions 7.6.0 through 7.6.3 are affected.
- Versions 7.5.0 through 7.5.2 are affected.