
Fortinet FortiManager Remote Code Execution Vulnerability

Release Date: 24 Oct 2024

RISK: Extremely High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability was identified in Fortinet FortiManager. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

Exploitation in the wild has been detected for CVE-2024-47575. A missing authentication for critical function vulnerability in the FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.


Impact

  • Remote Code Execution

System / Technologies affected

  • FortiManager 7.6 version 7.6.0
  • FortiManager 7.4 versions 7.4.0 through 7.4.4
  • FortiManager 7.2 versions 7.2.0 through 7.2.7
  • FortiManager 7.0 versions 7.0.0 through 7.0.12
  • FortiManager 6.4 versions 6.4.0 through 6.4.14
  • FortiManager 6.2 versions 6.2.0 through 6.2.12
  • FortiManager Cloud 7.4 versions 7.4.1 through 7.4.4
  • FortiManager Cloud 7.2 versions 7.2.1 through 7.2.7
  • FortiManager Cloud 7.0 versions 7.0.1 through 7.0.12
  • FortiManager Cloud 6.4 all versions
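
To triage an asset inventory against the ranges listed above, a check like the following can be used. It is an added example, not vendor or advisory code; the hostnames, the version strings and the "vX.Y.Z-build" input format are constructed assumptions.

```python
import re

# (product, (major, minor)) -> (lowest, highest) affected patch level, copied
# from the list above; None means the advisory lists "all versions".
AFFECTED = {
    ("FortiManager", (7, 6)): (0, 0),
    ("FortiManager", (7, 4)): (0, 4),
    ("FortiManager", (7, 2)): (0, 7),
    ("FortiManager", (7, 0)): (0, 12),
    ("FortiManager", (6, 4)): (0, 14),
    ("FortiManager", (6, 2)): (0, 12),
    ("FortiManager Cloud", (7, 4)): (1, 4),
    ("FortiManager Cloud", (7, 2)): (1, 7),
    ("FortiManager Cloud", (7, 0)): (1, 12),
    ("FortiManager Cloud", (6, 4)): None,
}
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def status(product, version):
    """Return 'affected', 'not-listed' or 'unparsed' for one inventory entry."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unparsed"  # needs manual review; never treat as safe
    major, minor, patch = map(int, m.groups())
    key = (product.strip(), (major, minor))
    if key not in AFFECTED:
        return "not-listed"
    bounds = AFFECTED[key]
    if bounds is None or bounds[0] <= patch <= bounds[1]:
        return "affected"
    return "not-listed"


# Constructed sample inventory: (host, product, reported version).
INVENTORY = [
    ("fmg-hq", "FortiManager", "v7.4.4-build0000"),
    ("fmg-dr", "FortiManager", "7.4.5"),
    ("fmg-cloud", "FortiManager Cloud", "6.4.3"),
    ("fmg-lab", "FortiManager", "unknown"),
]


def triage(inventory):
    return {host: status(product, ver) for host, product, ver in inventory}


if __name__ == "__main__":
    for host, result in triage(INVENTORY).items():
        print(f"{host}: {result}")
```

"not-listed" only means the version is outside the ranges in this advisory; confirm fixed releases against the vendor's own notice.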

Solutions

Before installing the software, please visit the vendor website for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link