Red Hot Cyber, The cybersecurity news

Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Spanish Italian
Search

Critical Vulnerability in Fortinet: Update FortiOS, FortiProxy, and FortiPAM Now

Redazione RHC : 13 August 2025 11:57

Several Fortinet security products, including FortiOS, FortiProxy, and FortiPAM, are affected by a high-severity authentication evasion vulnerability. The flaw, tracked as CVE-2024-26009, has a CVSS score of 7.9 and allows unauthenticated attackers to take complete control of managed devices by exploiting the FortiGate-to-FortiManager (FGFM) communication protocol.

The key prerequisite for successful exploitation of this security flaw is the attacker’s knowledge of the target FortiManager serial number, which serves as a key authentication component in the compromised protocol implementation.

The bug is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel). Attackers can exploit this weakness by crafting malicious FGFM requests to target devices managed by FortiManager systems.

The culprit is the FGFM protocol, designed for secure communication between FortiGate devices and central management systems. It contains a critical authentication flaw that allows the execution of unauthorized commands. This vulnerability affects legacy versions of multiple product lines, specifically FortiOS versions 6.0 through 6.4.15 and 6.2.0 through 6.2.16.

FortiProxy installations running versions 7.0.0 through 7.0.15, 7.2.0 through 7.2.8, and 7.4.0 through 7.4.2 are also at risk.

The potential impact is severe, as successful exploitation grants attackers the ability to execute unauthorized code or commands on compromised systems, effectively providing administrative-level access to critical network infrastructure components.

Security researchers from Fortinet’s internal product security team, led by Théo Leleu, discovered this vulnerability during routine security assessments.

Organizations using the affected versions should prioritize immediate patching. Fortinet recommends updating FortiOS 6.4 installations to version 6.4.16 or later, while FortiOS 6.2 users should update to version 6.2.17 or later.

FortiProxy users should upgrade to versions 7.0.16, 7.2.9, or 7.4.3, depending on their current installation.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli