
Critical Vulnerability in Fortinet FortiOS and FortiProxy

January 15, 2025

The National Cyber Security Centre (NCSC) has issued an advisory regarding a critical vulnerability, CVE-2024-55591, impacting Fortinet’s FortiOS and FortiProxy products. This vulnerability is particularly severe, with a CVSS score of 9.6, signifying a critical risk to affected systems.

Impact of the Vulnerability

The vulnerability stems from an authentication bypass using an alternate path or channel (CWE-288). Exploiting this flaw allows a remote attacker to achieve super-admin privileges through carefully crafted requests directed to the Node.js WebSocket module. Once exploited, this could provide attackers with unrestricted access to critical systems and sensitive data.

Affected Versions

The following product versions are vulnerable:

  • FortiOS
    • Versions: 7.0.0 to 7.0.16
  • FortiProxy
    • Versions: 7.0.0 to 7.0.19
    • Versions: 7.2.0 to 7.2.12
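The version ranges above are inclusive, and checking them by hand across a fleet of firewalls and proxies is error-prone (7.0.9 sorts after 7.0.16 as a string, for instance). The script below is an added example written for this post; it is not Fortinet or NCSC code. It encodes only the ranges listed in the advisory, parses version strings as numeric triples (e.g. the `v7.0.12` form a device reports), and triages a constructed sample inventory. A device outside the listed ranges is reported as "not in listed range", not as safe, because this checker knows nothing beyond what the advisory states; a string it cannot parse is flagged for manual review rather than silently skipped.

```python
"""Triage FortiOS / FortiProxy versions against the CVE-2024-55591 ranges
in the NCSC advisory. Added example, not Fortinet or NCSC code."""

from typing import Dict, List, Tuple

Version = Tuple[int, int, int]

# Affected ranges exactly as listed in the advisory (both ends inclusive).
AFFECTED: Dict[str, List[Tuple[Version, Version]]] = {
    "FortiOS": [((7, 0, 0), (7, 0, 16))],
    "FortiProxy": [((7, 0, 0), (7, 0, 19)), ((7, 2, 0), (7, 2, 12))],
}

# Constructed sample inventory (hostname, product, reported version).
SAMPLE_INVENTORY = [
    ("fw-edge-01", "FortiOS", "v7.0.12"),
    ("fw-edge-02", "FortiOS", "7.0.17"),
    ("proxy-01", "FortiProxy", "7.2.3"),
    ("proxy-02", "FortiProxy", "7.4.1"),
    ("fw-lab", "FortiOS", "build1234"),
]


def parse_version(text: str) -> Version:
    """Turn 'v7.0.12' or '7.0.12' into a comparable (major, minor, patch) tuple.

    Comparing tuples of ints avoids the string-ordering trap where
    '7.0.9' > '7.0.16'. Anything that is not three dotted integers is rejected.
    """
    parts = text.strip().lower().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(product: str, version: str) -> bool:
    """True if the version falls inside one of the advisory's ranges for the product."""
    ranges = AFFECTED.get(product)
    if ranges is None:
        raise ValueError(f"product not covered by this advisory: {product!r}")
    v = parse_version(version)
    return any(low <= v <= high for low, high in ranges)


def triage(inventory) -> List[Tuple[str, str]]:
    """Classify each (hostname, product, version) row.

    Statuses: 'AFFECTED' (inside a listed range), 'not in listed range'
    (outside every listed range; says nothing about other advisories), or
    'unparseable' (version string needs a human to look at it).
    """
    results = []
    for hostname, product, version in inventory:
        try:
            status = "AFFECTED" if is_affected(product, version) else "not in listed range"
        except ValueError:
            status = "unparseable"
        results.append((hostname, status))
    return results


if __name__ == "__main__":
    for hostname, status in triage(SAMPLE_INVENTORY):
        print(f"{hostname:<12} {status}")
```

Feed it the product and version columns from your asset inventory, and treat every "AFFECTED" row as a patch-now item and every "unparseable" row as a device whose version needs confirming from the appliance itself.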

Recommendations

To mitigate this critical vulnerability, the NCSC strongly advises affected organisations to take immediate action:

  1. Update Vulnerable Systems - Install the latest security updates from Fortinet as a priority. Updates should only be applied after proper testing in your environment to minimize potential disruptions.

  2. Review Release Notes - Familiarise yourself with the details provided in the release notes accompanying the updates to ensure a smooth patching process.

  3. Investigate Indicators of Compromise (IoCs) - Proactively scan your systems for potential IoCs that could indicate malicious activity. Refer to resources provided by Fortinet for guidance.

  4. Consult Fortinet Resources - Detailed information, updates, and remediation guidance can be found at:

Reducing the Risk of Exploitation

Given the critical nature of CVE-2024-55591, organisations must act swiftly to secure their environments. Unpatched systems are at significant risk of compromise, potentially leading to unauthorised access, data breaches, or service disruptions.

