- 03 June, 2026
The Indian Computer Emergency Response Team (CERT-In) has issued a critical severity advisory (CIAD-2026-00XX) regarding multiple vulnerabilities in Fortinet FortiOS and FortiProxy. These vulnerabilities could allow remote attackers to execute arbitrary code, cause denial of service, or bypass authentication on affected systems.
Vulnerability Summary
Multiple stack-based buffer overflow vulnerabilities have been discovered in FortiOS and FortiProxy that could allow an unauthenticated remote attacker to execute arbitrary code by sending specially crafted requests. These vulnerabilities affect all versions prior to the latest patched releases.
Affected Products
- FortiOS 7.6.x — all versions below 7.6.0
- FortiOS 7.4.x — all versions below 7.4.5
- FortiOS 7.2.x — all versions below 7.2.9
- FortiProxy 7.4.x — all versions below 7.4.3
- FortiProxy 7.2.x — all versions below 7.2.9
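To triage a device inventory against the list above, the following added example (not code from CERT-In, Fortinet or PJ Networks) compares each version numerically with the per-branch thresholds. The `hostname product version` inventory format, the function names and the sample hosts are assumptions made for illustration.

```python
import re

# Thresholds copied from the "Affected Products" list above:
# (product, branch) -> first release the list treats as not affected.
FIXED = {
    ("fortios", (7, 6)): (7, 6, 0),
    ("fortios", (7, 4)): (7, 4, 5),
    ("fortios", (7, 2)): (7, 2, 9),
    ("fortiproxy", (7, 4)): (7, 4, 3),
    ("fortiproxy", (7, 2)): (7, 2, 9),
}
VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def classify(product, version):
    """Return 'affected', 'not_affected', 'unlisted_branch' or 'unparsed'."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unparsed"
    # Compare as integer tuples: as strings, "7.2.10" sorts below "7.2.9".
    ver = tuple(int(p) for p in m.groups())
    fixed = FIXED.get((product.strip().lower(), ver[:2]))
    if fixed is None:
        # The list says nothing about this branch; do not report it as safe.
        return "unlisted_branch"
    return "affected" if ver < fixed else "not_affected"


def triage(inventory_text):
    """Parse 'hostname product version' lines into (hostname, status) pairs."""
    results = []
    for line in inventory_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if not fields:
            continue
        status = classify(fields[1], fields[2]) if len(fields) == 3 else "unparsed"
        results.append((fields[0], status))
    return results


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = """
fw-edge-01   FortiOS     7.4.4
fw-edge-02   FortiOS     v7.4.5
fw-branch-07 FortiOS     7.2.10
proxy-01     FortiProxy  7.2.8
fw-lab-01    FortiOS     7.0.15   # branch not in the list
"""
```

Devices reported as `unlisted_branch` or `unparsed` need a manual check against the vendor advisory, since the list above does not cover them.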
Recommended Actions
- Immediately upgrade FortiOS to version 7.4.5 or later
- Upgrade FortiProxy to version 7.4.3 or later
- Restrict management access to trusted IP addresses only
- Enable multi-factor authentication on all administrative accounts
- Monitor firewall logs for signs of exploitation attempts
How PJ Networks Can Help
P J Networks provides comprehensive cybersecurity solutions for Indian enterprises, including:
- Fortinet Firewall Deployment & Management — Expert deployment, configuration, and ongoing management of Fortinet firewalls
- Vulnerability Assessments — Identify and remediate vulnerabilities before attackers exploit them
- Managed NOC/SOC Services — 24/7 network and security monitoring by certified professionals
- Security Consulting — Strategic guidance on compliance, architecture, and best practices
Contact PJ Networks today to secure your enterprise infrastructure against evolving cyber threats.