CVE-2026-0891: Fortinet FortiOS 7.2-7.4

CVSS8.1 NVD 3.1

SeverityHIGH

ExploitationNo exploitation reported

Triage statusNo Known Exploit

ActionPatch this week

CVSS vectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected product

Fortinet FortiOS 7.2-7.4

Remediation Steps

Upgrade FortiOS to version 7.4.5 or 7.2.9 immediately.
If upgrade is not immediately possible, disable HTTP/HTTPS administrative access from the internet.
Audit FortiGate admin accounts for unauthorized new accounts or modified permissions.
Review firewall logs for suspicious authentication attempts from external IPs.
Rotate all FortiGate admin credentials after patching.

References

Coverage on defend.network

Vulnerability Priority Report – Week 3 of March 2026 (March 14–20)
VMware ESXi ransomware exploit; BlackSuit healthcare breach (2026-03-20)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts