CERT-In Issues Critical Advisory for FortiOS and FortiProxy Multiple Vulnerabilities

• 30 May, 2026
• No Comments

The Indian Computer Emergency Response Team (CERT-In) has issued a critical severity advisory (CIAD-2026-00XX) regarding multiple vulnerabilities in Fortinet FortiOS and FortiProxy. These vulnerabilities could allow remote attackers to execute arbitrary code, cause denial of service, or bypass authentication on affected systems.

Vulnerability Summary

Multiple stack-based buffer overflow vulnerabilities have been discovered in FortiOS and FortiProxy that could allow an unauthenticated remote attacker to execute arbitrary code by sending specially crafted requests. These vulnerabilities affect all versions prior to the latest patched releases.

Affected Products

• FortiOS 7.6.x — all versions below 7.6.0
• FortiOS 7.4.x — all versions below 7.4.5
• FortiOS 7.2.x — all versions below 7.2.9
• FortiProxy 7.4.x — all versions below 7.4.3
• FortiProxy 7.2.x — all versions below 7.2.9

Recommended Actions

• Immediately upgrade FortiOS to version 7.4.5 or later
• Upgrade FortiProxy to version 7.4.3 or later
• Restrict management access to trusted IP addresses only
• Enable multi-factor authentication on all administrative accounts
• Monitor firewall logs for signs of exploitation attempts

Source: CERT-In

Protect Your Organization with P J Networks

At P J Networks, we understand the critical nature of vulnerabilities like these. Our team of cybersecurity experts provides:

• 24/7 Managed SOC — Round-the-clock monitoring, threat detection, and incident response
• Vulnerability Assessments — Comprehensive scanning and remediation guidance for all your network infrastructure
• Fortinet Security Audits — Specialized assessments for FortiGate, FortiOS, and FortiProxy deployments
• Incident Response & Forensics — Rapid containment and investigation services

Don’t wait for an exploit — secure your infrastructure today.