3:50pm, 15 January 2025
Vulnerability affecting FortiOS and FortiProxy
CVE-2024-55591 is an Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy that may allow a remote attacker to gain super-admin privileges via crafted requests to the Node.js WebSocket module.
The NCSC is aware of active exploitation of this vulnerability.
An upgrade to the versions outlined in the vendor advisory is required.
What's happening
Systems affected
FortiOS
- 7.0.0 through 7.0.16
FortiProxy
- 7.0.0 through 7.0.19
- 7.2.0 through 7.2.12
What this means
FortiOS and FortiProxy versions listed above are vulnerable to CVE-2024-55591.
What to look for
How to tell if you're at risk
You are at risk if you are running any of the vulnerable versions of FortiOS or FortiProxy listed above.
What to do
Prevention
FortiOS needs to be upgraded to:
- 7.0.17 or above
Affected FortiProxy versions need to be upgraded:
- 7.0.0 through 7.0.19 need to be upgraded to 7.0.20 or above.
- 7.2.0 through 7.2.12 need to be upgraded to 7.2.13 or above.
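To check an appliance's self-reported version against the ranges in this advisory, the following is an added example (not code from the NCSC page or from Fortinet). It assumes the `Version:` line format printed by `get system status` and that FortiProxy models report a model name beginning with `FortiProxy`; the sample outputs in the test are constructed.

```python
import re

# Affected ranges and first fixed versions, taken from the advisory above.
# Each entry: (product, first affected, last affected, first fixed).
ADVISORY = [
    ("FortiOS",    (7, 0, 0), (7, 0, 16), (7, 0, 17)),
    ("FortiProxy", (7, 0, 0), (7, 0, 19), (7, 0, 20)),
    ("FortiProxy", (7, 2, 0), (7, 2, 12), (7, 2, 13)),
]

# Matches the "Version:" line of `get system status`, e.g.
# "Version: FortiGate-100F v7.0.12,build0523,230616 (GA)" (assumed format).
VERSION_RE = re.compile(r"^Version:\s+(\S+)\s+v(\d+)\.(\d+)\.(\d+)", re.M)


def parse_status(output):
    """Return (model, (major, minor, patch)) from CLI output, or None."""
    m = VERSION_RE.search(output)
    if not m:
        return None
    return m.group(1), tuple(int(x) for x in m.group(2, 3, 4))


def product_for(model):
    """Map a model string to the advisory's product name. Assumption:
    FortiProxy units report a model starting with 'FortiProxy'; everything
    else (FortiGate etc.) is running FortiOS."""
    return "FortiProxy" if model.startswith("FortiProxy") else "FortiOS"


def check(output):
    """Return (vulnerable, product, version, first_fixed) for CVE-2024-55591.

    A False result only means the version is outside the ranges this
    advisory lists; branches not mentioned here are not assessed."""
    parsed = parse_status(output)
    if parsed is None:
        raise ValueError("no 'Version:' line found in output")
    model, ver = parsed
    product = product_for(model)
    for prod, low, high, fixed in ADVISORY:
        # Tuple comparison gives correct numeric ordering of x.y.z versions.
        if prod == product and low <= ver <= high:
            return True, product, ver, fixed
    return False, product, ver, None
```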
More information
Fortinet Advisory:
PSIRT | FortiGuard Labs