Overview

FortiManager is vulnerable to a critical vulnerability. A remote attacker can exploit the vulnerability to execute arbitrary code.

Description

FortiManager versions running fgfmsd are vulnerable to a critical vulnerability tracked as CVE-2024-47575 with CVSS base score 9.8. The vulnerability result from a missing authentication check in the FortiGate-FortiManager communication protocol (FGFM), specifically in the fgfmsd daemon, which handles communication between FortiManager and FortiGate devices. Without proper authentication mechanisms in place, this flaw allows an attacker to remotely interact with the FortiManager server by sending specially crafted requests which ends up bypassing typical user verification procedures. This code execution flaw may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

Impact

Successful exploitation of this vulnerability may allow the attacker to take control of the affected system.

Solution

FortiGuard has released a security patch for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References

• 1. https://www.fortiguard.com/psirt/FG-IR-24-423
• 2. https://www.securonix.com/blog/details-and-guidance-on-new-fortijump-vulnerability-or-cve-2024-47575/