WNE Security News

Read more about “CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability” and the most important cybersecurity news to stay up to date with

CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability

Cybersecurity Service Provider

WNE Security Publisher

1/15/2025

(2024-55591) Base Score:

Vendors Mitigation Instructions

9.5

CVE-2024-55591: Critical Authorization Bypass Vulnerability in Fortinet FortiOS and FortiProxy

Learn about CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability and other newly exploited vulnerabilities and new best practices by subscribing to our newsletter.

CVE-2024-55591: Critical Authorization Bypass Vulnerability in Fortinet FortiOS and FortiProxy

CVE-2024-55591 is a critical authorization bypass vulnerability identified in Fortinet’s FortiOS and FortiProxy products. This flaw allows unauthenticated remote attackers to gain super-admin privileges by sending specially crafted requests to the Node.js websocket module. Exploiting this vulnerability can lead to complete system compromise.

What is Vulnerable to CVE-2024-55591

The following versions of Fortinet products are affected:

  • FortiOS: Versions 7.0.0 through 7.0.16
  • FortiProxy: Versions 7.2.0 through 7.2.12 and 7.0.0 through 7.0.19

Systems running these versions are at risk and should be updated immediately.

Mitigation and Remediation for CVE-2024-55591

To address this vulnerability, Fortinet has released patches in the following versions:

  • FortiOS: Update to version 7.0.17 or later.
  • FortiProxy: Update to version 7.2.13 or 7.0.20 or later.

Steps to Mitigate:

  1. Apply Patches: Upgrade to the patched versions as specified above.
  2. Restrict Management Interface Access: Limit access to the management interface to trusted networks only.
  3. Monitor for Indicators of Compromise (IoCs): Review system logs for any unauthorized access or configuration changes.

Detailed instructions and IoCs are available in Fortinet’s official advisory.

Impact of Successful Exploitation of CVE-2024-55591

Exploiting this vulnerability allows attackers to:

  • Gain Super-Admin Privileges: Full control over the affected device.
  • Compromise Network Security: Potential to intercept, modify, or redirect network traffic.
  • Deploy Malicious Payloads: Install malware or create backdoors for persistent access.

Given the critical nature of this vulnerability, immediate action is essential to protect network infrastructure.

Proof of Concept for CVE-2024-55591

As of now, there is no publicly available proof-of-concept (PoC) exploit for CVE-2024-55591. However, Fortinet has confirmed active exploitation of this vulnerability in the wild since at least November 2024, highlighting the urgency for prompt remediation.

CVE-2024-55591 presents a severe security risk to organizations utilizing vulnerable versions of FortiOS and FortiProxy. Immediate application of the recommended patches and adherence to best security practices are crucial to mitigate potential exploitation and safeguard network integrity.

Fortinet Confirms New Zero-Day Exploitation
 
FaviconSecurityWeek
Today
Fortinet Confirms New Zero-Day Exploitation
Sources
Favicon
Favicon
Favicon
 

Subscribe Today

We don’t spam! Read our privacy policy for more info.

Learn more about WNE Security products and services that can help keep you cyber safe.

Learn about CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability and other vulnerabilities and best practices by subscribing to our newsletter.


Subscribe to WNE Security’s newsletter for the latest cybersecurity best practices, 0-days, and breaking news. Or learn more about “CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability”  by clicking the links below

Check Out Some Other Articles

Learn How To Secure A Work From Home Environment by implementing VPN, Drawing Boundaries for Work Devices, Securing Routers, Limit Data Access/least …

Google Chrome Security Settings for the most Secure Google Chrome Browser starts with enabling automatic updates, Safe Browsing, security extension/extension…

Ransomware is more than just a headline—it’s a rising threat. Learn about its mechanics, its consequences, and why staying informed is your best defense.