CVE-2026-44279
Published May 12, 2026
·Updated
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via <insert attack vector here>
Affected Software
8 affected components
Fortinet FortiTokenAndroid=6.2 (all versions)
Fortinet FortiTokenAndroid=6.1 (all versions)
Fortinet FortiTokenAndroid=5.2 (all versions)
Fortinet Fortitoken Mobile Android=5.2.0
Fortinet Fortitoken Mobile Android=5.2.1
Fortinet Fortitoken Mobile Android=5.2.2
Fortinet Fortitoken Mobile Android=6.1.0
Fortinet Fortitoken Mobile Android=6.2.0
Remediation
Information
Upgrade to FortiTokenAndroid version 6.4.0 or above
Event History
May 12, 2026
CVE Published
via MITRE·04:54 PM
Data Sourced
via MITRE·04:54 PM
RemedyDescriptionSeverityWeakness
Data Sourced
via NVD·06:17 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2026-44279?
CVE-2026-44279 is rated as a high severity vulnerability due to the potential for unauthorized access.
2
How do I fix CVE-2026-44279?
To fix CVE-2026-44279, users should update Fortinet FortiTokenAndroid to the latest version.
3
Which versions of Fortinet FortiTokenAndroid are affected by CVE-2026-44279?
CVE-2026-44279 affects all versions of Fortinet FortiTokenAndroid 6.2, 6.1, and 5.2.
4
What types of attacks can exploit CVE-2026-44279?
CVE-2026-44279 can be exploited through improper access control methods.
5
Is there a workaround for CVE-2026-44279?
Currently, the recommended mitigation for CVE-2026-44279 is to apply the available software updates from Fortinet.