MEDIUM🇵🇱 Wersja polska

CVE-2026-44279

CVSS 5.5v3.1pub. 2026-05-12upd. 2026-06-26

An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to disclose information via an exported Content Provider URI.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Fortinet Fortitoken Mobile

    APP
    Fortinet
    5.2.05.2.15.2.26.1.06.2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-22131MEDIUM6.4ten sam produkt

A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below,...

CVE-2021-44166MEDIUM4.1ten sam produkt

An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification ...

CVE-2026-35616CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Fortinet FortiClientEMS — nieuwierzytelnione wykonanie kodu (Auth Bypass)

CVE-2026-21643CRITICAL9.8⚠ KEVPL ✓ten sam vendor

SQL Injection w Fortinet FortiClientEMS — nieautoryzowane wykonanie kodu

CVE-2026-24858CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach