Critical Vulnerability in Fortinet FortiOS and FortiProxy
The National Cyber Security Centre (NCSC) has issued an advisory regarding a critical vulnerability, CVE-2024-55591, impacting Fortinet’s FortiOS and FortiProxy products. This vulnerability is particularly severe, with a CVSS score of 9.6, signifying a critical risk to affected systems. Impact of the Vulnerability The vulnerability stems from an authentication bypass using an alternate path or channel (CWE-288). Exploiting this flaw allows a remote attacker to achieve super-admin privileges through carefully crafted requests directed to the Node.