Alert: Fortinet Security Updates – January, 2026
Fortinet has released a security update addressing multiple vulnerabilities across its products. These vulnerabilities affect several Fortinet products, including, but not limited to, FortiOS, FortiSIEM, FortiProxy, and FortiSwitchManager.
Affected Systems:
The affected systems and versions include, but are not limited to:
-
FortiOS: 7.6 < 7.6.4; 7.4 < 7.4.9; 7.2 < 7.2.12; 7.0 < 7.0.18; 6.4 < 6.4.17
-
FortiSIEM: 7.4 < 7.4.1; 7.3 < 7.3.5; 7.2 < 7.2.7; 7.1 < 7.1.9; 7.0.0-7.0.4; 6.7.0-6.7.10
-
FortiSwitchManager: 7.2 < 7.2.7; 7.0 < 7.0.6
-
FortiProxy: 7.0.0 through 7.0.4; (2.0; 1.2; 1.1; 1.0) all versions.
Security Risks
Successful exploitation of the vulnerabilities in Fortinet software could allow unauthorized individuals to gain access to and control of affected systems.
For a complete list of the security patches released by Fortinet, please refer to the official Fortinet security advisory.
Recommended Actions
The National Cyber Security Authority (NCSA) strongly recommends that system administrators:
1. Follow Fortinet Security Advisory to lower the risk of potential exploits, protect systems, and ensure their security.
2. Apply the required and latest security updates as soon as possible. The released software versions for upgrade include, but are not limited to:
-
FortiOS: Upgrade to 7.6.4 or above, 7.4.9 or above, 7.2.12 or above, 7.0.18 or above, or upcoming 6.4.17 or above.
-
FortiSIEM: Upgrade to FortiSIEM 7.4.1 or above, 7.3.5 or above, 7.2.7 or above, or 7.1.9 or above; for versions 7.0.0 through 7.0.4 or 6.7.0 through 6.7.10, migrate to a fixed release.
-
FortiSwitchManager: Upgrade to 7.2.7 or above, 7.0.6 or above
-
FortiProxy: Upgrade to version 7.0.5 and above
3. Before performing any update tasks, ensure that you have a backup of your data.
For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us at 9009.
References
19 January 2026
More updates