Fortinet FortiOS Out-of-Bounds Write Vulnerability in CAPWAP Daemon Allowing Unauthorized Code Execution

Vulnerability

An out-of-bounds write vulnerability has been identified in Fortinet FortiOS versions 7.6.0 through 7.6.3, 7.4.0 through 7.4.8, and 7.2.0 through 7.2.11. The flaw is in the CAPWAP daemon, the component that talks to the FortiAP, FortiExtender and FortiSwitch units a FortiGate manages. An attacker who controls one of those devices after it has authenticated to the FortiGate can trigger the write and execute unauthorized code or commands on the FortiGate itself. The precondition is therefore control of a device the FortiGate already trusts (a rogue, stolen or compromised managed unit), not unauthenticated access to the CAPWAP port.

Impact

Successful exploitation gives the attacker unauthorized code or command execution on the affected FortiGate device, i.e. a pivot from a single compromised managed AP, extender or switch to the firewall that controls the network.

Remediation

Upgrade Fortinet FortiOS to version 7.6.4 or later, 7.4.9 or later, or 7.2.12 or later, depending on the branch currently deployed; consult the Fortinet upgrade tool for the supported upgrade path. As a temporary workaround the CAPWAP daemon can be disabled in the system global settings, but note that this removes the FortiGate's ability to manage its FortiAP, FortiExtender and FortiSwitch units, so it is only practical on devices that manage none of them. Versions outside the three ranges listed above are not addressed by this advisory and should not be assumed unaffected.
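As an added example (not part of the original advisory), the following Python script checks a fleet of FortiGate version strings against the affected ranges stated above and reports the minimum fixed release for each. The inventory lines and the "Version:" line format are constructed for the example and assumed to resemble the output of the FortiOS `get system status` command; adapt the parser if your export differs.

```python
import re

# Affected ranges (inclusive) and the fixed release for each branch,
# exactly as stated in the advisory.
AFFECTED_RANGES = [
    ((7, 6, 0), (7, 6, 3), (7, 6, 4)),
    ((7, 4, 0), (7, 4, 8), (7, 4, 9)),
    ((7, 2, 0), (7, 2, 11), (7, 2, 12)),
]

# Matches the first x.y.z (optionally prefixed with 'v') in a line.
VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract an (major, minor, patch) tuple from a status line.

    The expected input is the 'Version:' line of 'get system status',
    assumed here to look like
    'Version: FortiGate-100F v7.4.3,build2573,240201 (GA.F)'.
    """
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def assess(version):
    """Classify a version tuple against the advisory's ranges.

    Returns ('affected', fixed_version) when the version falls inside a
    listed range, otherwise ('not listed', None). 'not listed' means the
    advisory says nothing about that branch, not that it is safe.
    """
    for low, high, fixed in AFFECTED_RANGES:
        if low <= version <= high:
            return "affected", fixed
    return "not listed", None


def fmt(version):
    return ".".join(str(p) for p in version)


def assess_inventory(inventory):
    """Return [(hostname, version, status, fixed_version_or_None), ...]."""
    report = []
    for hostname, status_line in inventory:
        version = parse_version(status_line)
        status, fixed = assess(version)
        report.append((hostname, fmt(version), status, fmt(fixed) if fixed else None))
    return report


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("fgt-branch-01", "Version: FortiGate-100F v7.4.3,build2573,240201 (GA.F)"),
    ("fgt-dc-01", "Version: FortiGate-601E v7.6.4,build3500,250201 (GA.F)"),
    ("fgt-edge-02", "Version: FortiGate-60F v7.2.11,build1740,240815 (GA.M)"),
    ("fgt-lab-01", "Version: FortiGate-VM64 v7.0.15,build0632,240315 (GA.M)"),
]

if __name__ == "__main__":
    for hostname, version, status, fixed in assess_inventory(SAMPLE_INVENTORY):
        fix_note = f" -> upgrade to {fixed}" if fixed else ""
        print(f"{hostname:14} {version:8} {status}{fix_note}")
```

Feed the script the "Version:" lines collected from each device (for example from a configuration-management export) and treat every "affected" entry as needing the listed upgrade; entries reported as "not listed" fall outside the ranges this advisory covers and need a separate check.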

Added: May 12, 2026, 6:44 PM
Updated: May 12, 2026, 6:44 PM

Vulnerability Rating

Custom Algorithm

spread          6.8
impact          7.5
exploitability  2.4
remediation     8.3
relevance       8.1
threat          0.0
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.