FortiNet Exploit Bypasses Security

A critical security flaw, CVE-2024-26009, has been identified in several Fortinet products, including FortiOS, FortiProxy, and FortiPAM systems. This high-severity authentication bypass vulnerability, with a CVSS score of 7.9, enables unauthenticated attackers to gain full administrative control. By exploiting the FortiGate-to-FortiManager (FGFM) protocol, attackers can execute unauthorized commands, posing a significant risk to affected systems.

The vulnerability requires attackers to know the FortiManager’s serial number to craft malicious requests, which can lead to complete system compromise. Affected versions include FortiOS 6.0 through 6.4.15, FortiProxy 7.0.0 through 7.4.2, and FortiPAM 1.0 through 1.2. Organizations using these systems are urged to take immediate action to prevent potential exploits and secure their networks.

To mitigate the risk, Fortinet recommends upgrading to patched versions, such as FortiOS 6.4.16 or higher, depending on the product. Utilizing Fortinet’s upgrade tools can help ensure a smooth patching process while minimizing disruptions. Prompt action is essential to protect systems from this critical vulnerability and maintain network security.

More info about this threat can be found here.