Refine your search
1 vulnerability found for FortiTokenAndroid by Fortinet
CVE-2026-44279 (GCVE-0-2026-44279)
Vulnerability from cvelistv5
Published
2026-05-12 16:54
Modified
2026-05-12 19:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper access control
Summary
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via <insert attack vector here>
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiTokenAndroid |
Version: 6.2.0 Version: 6.1.0 Version: 5.2.0 ≤ 5.2.2 cpe:2.3:a:fortinet:fortitokenandroid:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:6.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:5.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:5.2.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T18:59:55.342232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:02:36.321Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortitokenandroid:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:6.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:5.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:5.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:5.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiTokenAndroid",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.2.0"
},
{
"status": "affected",
"version": "6.1.0"
},
{
"lessThanOrEqual": "5.2.2",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via \u003cinsert attack vector here\u003e"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:54:09.625Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-130",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-130"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiTokenAndroid version 6.4.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-44279",
"datePublished": "2026-05-12T16:54:09.625Z",
"dateReserved": "2026-05-05T17:24:18.895Z",
"dateUpdated": "2026-05-12T19:02:36.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}