WNE Security News
Read more about “CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability” and the most important cybersecurity news to stay up to date with
CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability

WNE Security Publisher
1/15/2025
(2024-55591) Base Score:
Vendors Mitigation Instructions
9.5

Learn about CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability and other newly exploited vulnerabilities and new best practices by subscribing to our newsletter.
CVE-2024-55591: Critical Authorization Bypass Vulnerability in Fortinet FortiOS and FortiProxy
CVE-2024-55591 is a critical authorization bypass vulnerability identified in Fortinet’s FortiOS and FortiProxy products. This flaw allows unauthenticated remote attackers to gain super-admin privileges by sending specially crafted requests to the Node.js websocket module. Exploiting this vulnerability can lead to complete system compromise.
What is Vulnerable to CVE-2024-55591
The following versions of Fortinet products are affected:
- FortiOS: Versions 7.0.0 through 7.0.16
- FortiProxy: Versions 7.2.0 through 7.2.12 and 7.0.0 through 7.0.19
Systems running these versions are at risk and should be updated immediately.
Mitigation and Remediation for CVE-2024-55591
To address this vulnerability, Fortinet has released patches in the following versions:
- FortiOS: Update to version 7.0.17 or later.
- FortiProxy: Update to version 7.2.13 or 7.0.20 or later.
Steps to Mitigate:
- Apply Patches: Upgrade to the patched versions as specified above.
- Restrict Management Interface Access: Limit access to the management interface to trusted networks only.
- Monitor for Indicators of Compromise (IoCs): Review system logs for any unauthorized access or configuration changes.
Detailed instructions and IoCs are available in Fortinet’s official advisory.
Impact of Successful Exploitation of CVE-2024-55591
Exploiting this vulnerability allows attackers to:
- Gain Super-Admin Privileges: Full control over the affected device.
- Compromise Network Security: Potential to intercept, modify, or redirect network traffic.
- Deploy Malicious Payloads: Install malware or create backdoors for persistent access.
Given the critical nature of this vulnerability, immediate action is essential to protect network infrastructure.
Proof of Concept for CVE-2024-55591
As of now, there is no publicly available proof-of-concept (PoC) exploit for CVE-2024-55591. However, Fortinet has confirmed active exploitation of this vulnerability in the wild since at least November 2024, highlighting the urgency for prompt remediation.
CVE-2024-55591 presents a severe security risk to organizations utilizing vulnerable versions of FortiOS and FortiProxy. Immediate application of the recommended patches and adherence to best security practices are crucial to mitigate potential exploitation and safeguard network integrity.
Learn more about WNE Security products and services that can help keep you cyber safe.
Learn about CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability and other vulnerabilities and best practices by subscribing to our newsletter.
Subscribe to WNE Security’s newsletter for the latest cybersecurity best practices, 0-days, and breaking news. Or learn more about “CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability” by clicking the links below