Tag :
Cyber Security

About the Vulnerability

Introduction

FortiOS is a high-quality network security operating system developed by Fortinet. This operating system employs advanced technology and design to provide users with reliable network security solutions. FortiOS features a variety of functions, such as attack protection, traffic management, and VPN connections, which can meet users' diverse network security needs. Additionally, FortiOS has a user-friendly interface and easy-to-manage features, helping users easily manage and monitor the status and performance of network security. FortiOS is suitable for various enterprises and organizations, offering efficient network security protection.

Summary

On January 15, 2025, Sangfor FarSight Labs received notification that a Fortinet-Fortios component contains information of authentication bypass vulnerability(CVE-2024-55591), classified as critical in threat level.

FortiOS and FortiProxy contain an authentication bypass vulnerability that utilizes an alternate path or channel. Unauthorized attackers can gain super administrator privileges by forging requests to the Node.js websocket module.

Affected Versions

7.0.0 ≤ FortiOS < 7.0.16

7.2.0 ≤ FortiProxy < 7.2.13

7.0.0 ≤ FortiProxy < 7.0.20

Solutions

Remediation Solutions

Official Solution

The latest versions have officially been released to fix the vulnerability. Affected users are recommended to update the server to the following versions:

FortiOS 7.0.17

FortiProxy 7.2.13

FortiProxy 7.0.20

Download link:

https://docs.fortinet.com/upgrade-tool/fortigate

Temporary Solution

  1. Disable the HTTP/HTTPS management interface or restrict access using local policies. For detailed operation procedures, see: https://fortiguard.fortinet.com/psirt/FG-IR-24-535
  2. Monitor logs and regularly check abnormal activities in the system logs, including unusual login attempts and configuration changes
  3. Use strong passwords and implement multi-factor authentication (MFA), and restrict management access to trusted IP ranges.

Timeline

On January 15, 2025, Sangfor FarSight Labs received notification of FortiOS and FortiProxy Authentication Bypass Vulnerability.

On January 15, 2025, Sangfor FarSight Labs released a vulnerability alert.

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-535

https://securityonline.info/active-exploitation-of-cve-2024-55591-cvss-9-6-fortios-and-fortiproxy-under-threat/

Listen To This Post

Search

Keyword maximum 256 character

Related Articles

Security Feature Bypass in Microsoft Office (CVE-2026-21509)

Date : 27 Jan 2026
Read Now

Authentication Bypass in Oracle WebLogic Server Proxy Plug-in (CVE-2026-21962)

Date : 22 Jan 2026
Read Now

Command Injection in the phMonitor Service of Fortinet FortiSIEM (CVE-2025-64155)

Date : 15 Jan 2026
Read Now

See Other Product

Cyber Command - NDR Platform
MDR TCO Calculator - User Input Page
Endpoint Secure
MDR TCO Calculator - Report Page
Sangfor Athena SWG - Secure Web Gateway
Sangfor Zero Trust Data Protection

Meet the Author

Sangfor HQ Building

Sangfor Technologies

Sangfor Technologies is a leading vendor of Cyber Security and Cloud Computing solutions. The majority of the blogs that you are seeing here are written by professionals working at Sangfor. We have a team of content writers, product managers and marketing experts who are taking care of writing articles on various topics that are relevant to our audience. Our team ensures that the articles published are factually correct and helpful to our customers and partners to know more about the recent trends on Cyber Security and Cloud, and how it can help their organizations.

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
See Author's Detail