This advisory addresses a critical vulnerability impacting FortiOS systems (CVE-2024-55591).
Attention constituent:
A critical vulnerability (CVE-2024-55591) has been identified in Fortinet’s FortiOS systems. This vulnerability stems from an authentication bypass flaw in the FortiOS web management interface. Exploitation of this vulnerability allows remote, unauthenticated attackers to gain unauthorised administrative access and execute arbitrary actions on affected systems.
CVE: CVE-2024-55591
Severity: Critical (CVSS: 9.8)
Affected Platforms: FortiOS systems with exposed management interfaces
Versions impacted:
- FortiOS versions prior to 7.0.13
- FortiOS versions 7.2.0 through 7.2.8
- FortiOS versions 7.4.0 through 7.4.5
Consequences: Successful exploitation of this vulnerability can result in:
- Full administrative access to vulnerable devices.
- Unauthorised configuration changes, potentially leading to further network compromise.
- Data exfiltration and unauthorised management of network resources.
- Opportunity for attackers to disable security protections and create persistent backdoors.
Indicators of Compromise (IoC):
- Unusual administrative login attempts.
- Unexpected changes in configurations or firewall policies.
- Increased network traffic to/from management interfaces.
Remediation
- Investigate: Conduct an immediate review of FortiOS management interface logs for unauthorised activity and leverage available scripts, such as this GitHub resource, to identify vulnerable instances and signs of compromise.
- Patch: Update to the latest versions of FortiOS that address CVE-2024-55591. Monitor Fortinet’s advisory for ongoing updates: Fortinet PSIRT Advisory.
- Mitigate: Disable unnecessary exposure of management interfaces to the internet, restrict access to trusted IP ranges using access control lists (ACLs), and enforce multi-factor authentication (MFA) for administrative accounts.
- Monitor: Continuously monitor your systems for unusual activity using tools such as Shadowserver’s vulnerability tracker.
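The following Python script is an added example to illustrate the "Investigate" and "Monitor" steps together with the trusted-IP-range mitigation above; it is not part of this advisory and is not a Fortinet or GitHub-provided tool. It parses key=value event-log lines (the sample lines are constructed for this example, and field names such as logdesc, srcip, cfgpath and status are assumptions modelled on the general FortiOS event-log style rather than captured device output), then flags the indicators listed above: successful administrative logins from outside the trusted management ranges, failed administrative logins, changes to administrator accounts, and configuration or firewall-policy changes made from untrusted sources. The trusted ranges are placeholders to be replaced with your own management ACLs.

```python
import ipaddress
import shlex
from dataclasses import dataclass

# Placeholder trusted management ranges (assumption for this example); replace
# with the ACL ranges that are actually allowed to reach the management interface.
TRUSTED_ADMIN_RANGES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.1.0/24")]

# Constructed sample log lines. Field names follow the general key=value style of
# FortiOS event logs but are assumptions for this example, not real device output.
SAMPLE_LOGS = [
    'date=2025-01-15 time=09:12:01 type="event" subtype="system" logdesc="Admin login successful" '
    'user="admin" srcip=10.0.5.20 ui="https(10.0.5.20)" action="login" status="success"',
    'date=2025-01-15 time=03:41:17 type="event" subtype="system" logdesc="Admin login successful" '
    'user="admin" srcip=203.0.113.77 ui="https(203.0.113.77)" action="login" status="success"',
    'date=2025-01-15 time=03:42:05 type="event" subtype="system" logdesc="Object attribute configured" '
    'user="admin" srcip=203.0.113.77 action="Edit" cfgpath="system.admin" cfgobj="backup_svc"',
    'date=2025-01-15 time=03:43:30 type="event" subtype="system" logdesc="Object attribute configured" '
    'user="admin" srcip=203.0.113.77 action="Edit" cfgpath="firewall.policy" cfgobj="12"',
    'date=2025-01-15 time=10:05:44 type="event" subtype="system" logdesc="Admin login failed" '
    'user="root" srcip=198.51.100.9 action="login" status="failed"',
]


@dataclass
class Finding:
    kind: str    # which indicator of compromise matched
    srcip: str   # source address of the administrative action
    detail: str  # user or configuration path involved


def parse_fortios_line(line: str) -> dict:
    """Parse one key=value log line into a dict; quoted values are unwrapped."""
    fields = {}
    for token in shlex.split(line):
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields


def is_trusted(ip: str) -> bool:
    """True if the address falls inside one of the trusted management ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # malformed or missing source: treat as untrusted
    return any(addr in net for net in TRUSTED_ADMIN_RANGES)


def review_admin_activity(lines) -> list:
    """Return one Finding per log line that matches an indicator of compromise."""
    findings = []
    for line in lines:
        ev = parse_fortios_line(line)
        if ev.get("type") != "event":
            continue
        src = ev.get("srcip", "")
        desc = ev.get("logdesc", "")
        user = ev.get("user", "?")

        if desc.startswith("Admin login"):
            if ev.get("status") == "success" and not is_trusted(src):
                # Unusual administrative login: success from outside the ACL ranges.
                findings.append(Finding("admin_login_untrusted_source", src, f"user={user}"))
            elif ev.get("status") == "failed":
                findings.append(Finding("admin_login_failed", src, f"user={user}"))

        elif desc == "Object attribute configured":
            cfg = ev.get("cfgpath", "")
            if cfg == "system.admin":
                # Administrator account changes are a persistence signal wherever they originate.
                findings.append(Finding("admin_account_modified", src, f"cfgobj={ev.get('cfgobj', '?')}"))
            elif not is_trusted(src):
                # Configuration or firewall-policy change from an untrusted source.
                findings.append(Finding("config_change_untrusted_source", src, f"cfgpath={cfg}"))
    return findings


if __name__ == "__main__":
    for f in review_admin_activity(SAMPLE_LOGS):
        print(f"{f.kind:32} {f.srcip:16} {f.detail}")
```

Run against the constructed sample, the script reports four findings, all but one tied to the same untrusted source address: a successful administrative login from 203.0.113.77, followed by an administrator-account change and a firewall-policy change from that address, plus a failed login from 198.51.100.9. The login from 10.0.5.20 is inside the trusted range and produces no finding, which is the point of pairing the monitoring with the ACL mitigation: once management access is restricted to known ranges, any successful administrative login from elsewhere is itself an indicator worth investigating.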
For further detailed information and updates, please refer to the following resources:
Best,
