Cyber Posture

CVE-2021-26091

High

Published: 24 March 2025
Modified: 23 July 2025
KEV Added: not listed (not in the CISA KEV catalog)
Patch: see FortiGuard advisory FG-IR-21-031
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0027 (50.4th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2021-26091 is a high-severity use of a cryptographically weak pseudo-random number generator (CWE-338) in Fortinet FortiMail. Its CVSS v3.1 base score is 7.5 (High); the vector is network-reachable, low complexity, and needs neither privileges nor user interaction, with the impact confined to confidentiality.

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS score places it in the top 49.6% of CVEs by exploit likelihood (50.4th percentile), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-13 (Cryptographic Protection); flaw remediation (upgrading to a fixed release) is listed as a third control below.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

IA-5 Authenticator Management (prevent)
Requires that authenticators, including password-reset tokens, be generated and managed with cryptographically strong methods, which removes the token predictability a weak PRNG introduces.

SC-13 Cryptographic Protection (prevent)
Mandates FIPS-validated cryptographic modules; their approved random bit generators, not a general-purpose PRNG, should back any token the Identity Based Encryption authenticator issues.

SI-2 Flaw Remediation (prevent)
Requires identification, reporting, and correction of flaws such as the weak PRNG in FortiMail's authenticator, in practice a timely upgrade to a fixed release as described in FG-IR-21-031.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The CVE describes a remotely exploitable weakness in the authentication token generation of a public-facing FortiMail service, allowing unauthenticated network attackers to infer tokens and perform credential resets, which directly aligns with exploiting public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users' authentication tokens and reset their credentials.

Deeper analysis

CVE-2021-26091 is a use of a cryptographically weak pseudo-random number generator vulnerability, classified under CWE-338, affecting the authenticator in the Identity Based Encryption service of FortiMail versions 6.4.0 through 6.4.4 and 6.2.0 through 6.2.7. Published on 2025-03-24T16:15:16.450, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no integrity or availability disruption.

An unauthenticated attacker with network access can exploit this vulnerability due to its low attack complexity and lack of required privileges or user interaction. Exploitation may allow the attacker to infer portions of users' authentication tokens, enabling credential resets for affected accounts. The exposed surface is the Identity Based Encryption service's authenticator, so deployments where that service is not reachable from untrusted networks reduce, but do not remove, the exposure until the patch is applied.
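The inference the advisory describes, and the IA-5 / SC-13 fix from the controls section, as an added example that is not FortiMail's code and assumes nothing about its internals: a constructed reset-token generator that seeds a non-cryptographic PRNG from the wall clock (one common CWE-338 shape), the attacker procedure that recovers the seed from a token for an account the attacker controls and then predicts a victim's token, and the `secrets`-based replacement that a CSPRNG-backed authenticator would use. The function names, the timestamps and the one-second seed design are assumptions made for the illustration.

```python
"""Added example, not FortiMail code: a CWE-338 reset-token generator beside
its fix. It makes no claim about how FortiMail's IBE authenticator actually
derives tokens; the weak path (a Mersenne Twister seeded from the clock) is a
constructed stand-in for "cryptographically weak PRNG", chosen so the token
inference the advisory describes can be shown end to end offline."""
import random
import secrets
from typing import List, Optional

TOKEN_BYTES = 16  # 128-bit tokens in both variants


def weak_token(issued_at: int) -> str:
    """VULNERABLE (CWE-338): token derived from a non-cryptographic PRNG whose
    seed is the issue time in whole seconds. random.Random is deterministic
    for a given seed, so anyone who can guess the seed regenerates the token."""
    rng = random.Random(issued_at)
    return rng.getrandbits(TOKEN_BYTES * 8).to_bytes(TOKEN_BYTES, "big").hex()


def strong_token() -> str:
    """HARDENED: 128 bits straight from the OS CSPRNG, the kind of generator
    IA-5 / SC-13 expect behind an authenticator. No seed to recover and no
    relation between successive tokens."""
    return secrets.token_hex(TOKEN_BYTES)


def recover_seed(known_token: str, approx_time: int, window: int = 300) -> Optional[int]:
    """Attacker step 1: request a reset for an account the attacker controls,
    read the token from the reset link, and search the seconds around the
    attacker's own (possibly skewed) clock for the seed that reproduces it."""
    for t in range(approx_time - window, approx_time + window + 1):
        if weak_token(t) == known_token:
            return t
    return None


def predict_tokens(recovered_seed: int, horizon: int = 5) -> List[str]:
    """Attacker step 2: with the server clock pinned, enumerate the tokens for
    resets issued in the next few seconds, e.g. one the attacker triggers for
    the victim right after their own. Each guess costs one request to the
    reset endpoint, so a six-entry list is a trivial online search."""
    return [weak_token(recovered_seed + d) for d in range(horizon + 1)]


def demo() -> dict:
    """Runs both sides against constructed timestamps (not a real event)."""
    server_now = 1_700_000_000                  # constructed server clock
    attacker_token = weak_token(server_now)     # attacker's own reset
    victim_token = weak_token(server_now + 2)   # victim's reset, 2 s later

    seed = recover_seed(attacker_token, server_now + 17)  # attacker clock 17 s off
    guesses = predict_tokens(seed) if seed is not None else []

    # With the CSPRNG the same attacker learns nothing from their own token.
    a, b = strong_token(), strong_token()
    return {
        "seed_recovered": seed == server_now,
        "victim_token_predicted": victim_token in guesses,
        "strong_tokens_independent": a != b and len(a) == 2 * TOKEN_BYTES,
        "strong_seed_recoverable": recover_seed(a, server_now) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

The point of the split into two attacker steps is that the attacker never needs the victim's token to leak: one token for an account they own, plus the ability to trigger a reset for the victim, is enough once the generator's state is a function of something guessable. Reviewing an authenticator for this class of bug therefore means checking where the generator's entropy comes from, not how long the token is.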

The FortiGuard advisory FG-IR-21-031 (https://fortiguard.com/advisory/FG-IR-21-031) details mitigations and patches for this issue.

Details

CWE(s)

CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Affected Products

Fortinet FortiMail 6.2.0 through 6.2.7 and 6.4.0 through 6.4.4 (the listed range 6.2.0 to 6.4.5 excludes 6.4.5, consistent with the NVD description)

CVEs Like This One

CVE-2023-47539 (same product: Fortinet FortiMail)
CVE-2023-33302 (same product: Fortinet FortiMail)
CVE-2026-22828 (same vendor: Fortinet)
CVE-2026-21643 (same vendor: Fortinet)
CVE-2025-59922 (same vendor: Fortinet)
CVE-2025-49784 (same vendor: Fortinet)
CVE-2024-45324 (same vendor: Fortinet)
CVE-2023-42784 (same vendor: Fortinet)
CVE-2025-54820 (same vendor: Fortinet)
CVE-2025-24472 (same vendor: Fortinet)

References

FortiGuard advisory FG-IR-21-031: https://fortiguard.com/advisory/FG-IR-21-031