Primary

Context

Fortinet FortiOS Improper Verification of Source Vulnerability in FSSO Terminal Services Agent

Vulnerability

Patched

A vulnerability allowing improper verification of the source of a communication channel has been identified in Fortinet FortiOS versions 7.6.0 to 7.6.4, 7.4.0 to 7.4.9, 7.2 (all versions), and 7.0 (all versions). This vulnerability may enable an authenticated user with knowledge of FSSO policy configurations to gain unauthorized access to protected network resources by sending crafted requests.

Impact

Exploitation of this vulnerability could lead to unauthorized access to protected network resources.

Remediation

Users can upgrade Fortinet FortiOS to version 7.6.5 or above, or to the upcoming 7.4.10 or above. For Fortinet FortiOS 7.2 and 7.0, users should migrate to a fixed release. Additionally, the FSSO Terminal Services Agent should be upgraded to version 5.0 build 0324 or later.

Added: Feb 10, 2026, 4:26 PM

Updated: Feb 10, 2026, 4:26 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

0.6

exploitability

4.5

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

0.6

exploitability

4.5

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiOS Improper Verification of Source Vulnerability in FSSO Terminal Services Agent

Vulnerability

Impact

Remediation

Affected Products

Fortinet FortiOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating