PatchSiren cyber security CVE debrief
CVE-2026-21742 Fortinet CVE debrief
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated attacker to view cleartext password in response for Secure Message Exchange and Radius queries, if configured.
- Vendor
- Fortinet
- Product
- FortiSOAR
- CVSS
- MEDIUM 5.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-14
- Original CVE updated
- 2026-07-08
- Advisory published
- 2026-04-14
- Advisory updated
- 2026-07-08
Who should care
Security teams and administrators responsible for Fortinet FortiSOAR PaaS and on-premise deployments should prioritize patching this vulnerability to prevent potential exposure of sensitive information.
Technical summary
The vulnerability exists in multiple versions of Fortinet FortiSOAR PaaS and on-premise deployments, specifically in the handling of Secure Message Exchange and Radius queries. An authenticated attacker could potentially view cleartext passwords in responses if these features are configured. This vulnerability affects various versions of FortiSOAR, including PaaS 7.6.0 through 7.6.3, PaaS 7.5.0 through 7.5.2, PaaS 7.4, PaaS 7.3, on-premise 7.6.0 through 7.6.2, on-premise 7.5.0 through 7.5.1, on-premise 7.4, and on-premise 7.3. The vulnerability allows an authenticated attacker to access sensitive information, specifically cleartext passwords, under certain configurations.
Defensive priority
Medium priority due to the requirement for authentication and specific configuration for exploitation.
Recommended defensive actions
- Apply patches or updates provided by Fortinet for the affected FortiSOAR versions.
- Review and update configurations for Secure Message Exchange and Radius queries to minimize exposure.
- Monitor for any unauthorized access or suspicious activity related to FortiSOAR systems.
- Implement additional security measures such as encryption for sensitive data in transit.
- Conduct regular security audits and vulnerability assessments.
Evidence notes
The CVE record and NVD detail provide information on the vulnerability, affected versions, and potential impact. Vendor advisory from Fortinet is available for mitigation and patching guidance. Security teams should verify the configurations of Secure Message Exchange and Radius queries in their FortiSOAR deployments to identify potential exposure. Evidence of exploitation or unauthorized access should be monitored, and additional security measures such as encryption for sensitive data in transit should be considered. Regular security audits and vulnerability assessments are recommended to ensure the security posture of FortiSOAR systems.
Official resources
-
CVE-2026-21742 CVE record
CVE.org
-
CVE-2026-21742 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-14T16:16:35.930Z and has not been modified since then. The NVD entry is currently Analyzed.