FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication

Fortinet has disclosed a high-severity authentication bypass vulnerability in FortiOS, tracked as CVE-2026-22153 (FG-IR-25-1052), that could allow unauthenticated attackers to sidestep LDAP authentication for Agentless VPN or Fortinet Single Sign-On (FSSO) policies. Classified under CWE-305 (Authentication Bypass by Primary Weakness), the flaw resides in the fnbamd daemon and requires specific LDAP server configurations enabling unauthenticated […]

The post FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication appeared first on Cyber Security News.