Tag :
Cyber Security

About the Vulnerability

Introduction

FortiOS is a high-quality network security operating system developed by Fortinet. This operating system employs advanced technology and design to provide users with reliable network security solutions. FortiOS features a variety of functions, such as attack protection, traffic management, and VPN connections, which can meet users' diverse network security needs. Additionally, FortiOS has a user-friendly interface and easy-to-manage features, helping users easily manage and monitor the status and performance of network security. FortiOS is suitable for various enterprises and organizations, offering efficient network security protection.

Summary

On January 15, 2025, Sangfor FarSight Labs received notification that a Fortinet-Fortios component contains information of authentication bypass vulnerability(CVE-2024-55591), classified as critical in threat level.

FortiOS and FortiProxy contain an authentication bypass vulnerability that utilizes an alternate path or channel. Unauthorized attackers can gain super administrator privileges by forging requests to the Node.js websocket module.

Affected Versions

7.0.0 ≤ FortiOS < 7.0.16

7.2.0 ≤ FortiProxy < 7.2.13

7.0.0 ≤ FortiProxy < 7.0.20

Solutions

Remediation Solutions

Official Solution

The latest versions have officially been released to fix the vulnerability. Affected users are recommended to update the server to the following versions:

FortiOS 7.0.17

FortiProxy 7.2.13

FortiProxy 7.0.20

Download link:

https://docs.fortinet.com/upgrade-tool/fortigate

Temporary Solution

  1. Disable the HTTP/HTTPS management interface or restrict access using local policies. For detailed operation procedures, see: https://fortiguard.fortinet.com/psirt/FG-IR-24-535
  2. Monitor logs and regularly check abnormal activities in the system logs, including unusual login attempts and configuration changes
  3. Use strong passwords and implement multi-factor authentication (MFA), and restrict management access to trusted IP ranges.

Timeline

On January 15, 2025, Sangfor FarSight Labs received notification of FortiOS and FortiProxy Authentication Bypass Vulnerability.

On January 15, 2025, Sangfor FarSight Labs released a vulnerability alert.

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-535

https://securityonline.info/active-exploitation-of-cve-2024-55591-cvss-9-6-fortios-and-fortiproxy-under-threat/

Listen To This Post

Search

Keyword maximum 256 character

Related Articles

Beyond the Breach: How Education Data Becomes Trust Context for Social Engineering

Date : 09 Jun 2026
Read Now

Linux Cryptojacking Could be Secretly Draining Your Server Resources

Date : 26 May 2026
Read Now

GoldFactory Targets Vietnam and Thailand with Mobile Banking Fraud

Date : 12 May 2026
Read Now

See Other Product

Sangfor Omni-Command
Replace your Enterprise NGAV with Sangfor Endpoint Secure
SASE ROI Calculator - Assess Sangfor SASE’s Total Economic Impact
Sangfor Athena XDR - Extended Detection and Response
Athena SASE - Secure Access Service Edge
Sangfor Athena NGFW - Next Generation Firewall

Meet the Author

Sangfor HQ Building

Sangfor Technologies

Sangfor Technologies is a leading vendor of Cyber Security and Cloud Computing solutions. The majority of the blogs that you are seeing here are written by professionals working at Sangfor. We have a team of content writers, product managers and marketing experts who are taking care of writing articles on various topics that are relevant to our audience. Our team ensures that the articles published are factually correct and helpful to our customers and partners to know more about the recent trends on Cyber Security and Cloud, and how it can help their organizations.

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
See Author's Detail