![]() |
|||
Attention constituent: A known, successfully exploited critical zero-day vulnerability (CVE-2024-47575) has been identified in Fortinet’s FortiManager and FortiManager Cloud platforms. This vulnerability stems from missing authentication in the FortiGate to FortiManager (FGFM) daemon (fgfmsd). Exploitation of this flaw allows remote, unauthenticated attackers to execute arbitrary code or commands via specially crafted requests. CVE: CVE-2024-47575 Versions impacted:
Consequences: Successful exploitation of this vulnerability can lead to unauthorised access and control over FortiManager devices. Attackers can view and modify configuration files, obtain sensitive information, and potentially manage other connected devices. This could result in significant security breaches, data exfiltration, and further lateral movement within the network.
For further detailed information and updates, please refer to the following resources:
Best, |