Arbitrary Code Execution Vulnerability in FortiManager (CVE-2024-47575)

Published: Nov 08, 2024 22:41

Advisory No: TZCERT-SA-24-0039

Source: FortiGuard

Software Affected: FortiManager (fgfmsd daemon)

Overview

FortiManager contains a critical vulnerability that a remote, unauthenticated attacker can exploit to execute arbitrary code on the affected system.

Description

FortiManager versions running the fgfmsd daemon contain a critical vulnerability tracked as CVE-2024-47575 (CVSS base score 9.8). It results from a missing authentication check (CWE-306, missing authentication for a critical function) in the handler for the FortiGate-to-FortiManager protocol (FGFM), the fgfmsd daemon that manages communication between FortiManager and the FortiGate devices it administers. Because the daemon does not properly verify the peer before acting on its messages, an attacker who can reach the FGFM service over the network can send specially crafted requests that bypass the normal device verification and are processed as if they came from a managed device. A remote, unauthenticated attacker can use this to execute arbitrary code or commands on the FortiManager host.
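As an added illustration, not Fortinet's code and not a model of the real FGFM wire format, the following Python contrasts a device-registration handler that dispatches privileged operations without verifying the peer (the CWE-306 pattern this advisory describes) with one that authenticates first and fails closed on unknown devices. The allow list of serial-to-certificate-fingerprint bindings, the request fields, the action names and the sample certificates are assumptions constructed for the example.

```python
"""Illustrative model of a device-registration handler in a management
protocol: a vulnerable form beside a hardened form. Added example; this is
not Fortinet's code and does not model the actual FGFM message format."""
import hashlib
import hmac
from dataclasses import dataclass, field


@dataclass
class Request:
    serial: str                      # device serial claimed inside the message
    peer_cert: bytes                 # certificate the peer presented (constructed bytes here)
    action: str                      # "register" or "update" (hypothetical action names)
    attrs: dict = field(default_factory=dict)


def fingerprint(cert: bytes) -> str:
    """SHA-256 fingerprint of a certificate, used to bind a serial to a key."""
    return hashlib.sha256(cert).hexdigest()


class Manager:
    """Minimal manager state: an operator-provisioned allow list of
    serial -> expected certificate fingerprint (an assumption of this example),
    the managed-device table, and an audit trail."""

    def __init__(self, allowlist: dict):
        self.allowlist = dict(allowlist)
        self.devices = {}
        self.audit = []

    def dispatch(self, req: Request) -> str:
        """Privileged operations. Anything that reaches here is treated as trusted."""
        if req.action == "register":
            self.devices[req.serial] = dict(req.attrs)
            self.audit.append(f"device {req.serial} add succeeded")
            return "ok"
        if req.action == "update" and req.serial in self.devices:
            self.devices[req.serial].update(req.attrs)
            self.audit.append(f"device {req.serial} edit succeeded")
            return "ok"
        self.audit.append(f"device {req.serial} {req.action} failed")
        return "error"


def handle_vulnerable(mgr: Manager, req: Request) -> str:
    """CWE-306 pattern: the serial in the message is believed as-is and the
    presented certificate is never checked, so any peer that can reach the
    service and speak the protocol lands in dispatch()."""
    return mgr.dispatch(req)


def handle_hardened(mgr: Manager, req: Request) -> str:
    """Authenticate before dispatch: fail closed on serials that were never
    provisioned, and require that the peer's certificate matches the one
    bound to that serial, so a known serial cannot be spoofed either."""
    expected = mgr.allowlist.get(req.serial)
    if expected is None:
        mgr.audit.append(f"rejected unregistered device {req.serial}")
        return "denied"
    if not hmac.compare_digest(expected, fingerprint(req.peer_cert)):
        mgr.audit.append(f"rejected {req.serial}: certificate mismatch")
        return "denied"
    return mgr.dispatch(req)


# Constructed sample data: one legitimate managed device and one attacker.
GOOD_CERT = b"-----CONSTRUCTED CERT FOR FGT-0001-----"
ATTACKER_CERT = b"-----CONSTRUCTED CERT FROM ATTACKER-----"
ALLOWLIST = {"FGT-0001": fingerprint(GOOD_CERT)}


def run_scenario(handler) -> dict:
    """Replay three requests through a handler and report the outcomes:
    a legitimate registration, a registration from an unknown device, and
    an update that claims a known serial but presents the attacker's cert."""
    mgr = Manager(ALLOWLIST)
    legit = Request("FGT-0001", GOOD_CERT, "register", {"hostname": "branch-fw"})
    unknown = Request("UNKNOWN-9999", ATTACKER_CERT, "register", {"hostname": "rogue"})
    spoofed = Request("FGT-0001", ATTACKER_CERT, "update", {"hostname": "owned"})
    return {
        "legit": handler(mgr, legit),
        "unknown": handler(mgr, unknown),
        "spoofed": handler(mgr, spoofed),
        "devices": sorted(mgr.devices),
        "hostnames": {s: d.get("hostname") for s, d in mgr.devices.items()},
        "audit": list(mgr.audit),
    }


if __name__ == "__main__":
    for name, handler in (("vulnerable", handle_vulnerable), ("hardened", handle_hardened)):
        print(name, run_scenario(handler))
```

With the vulnerable handler both the unknown device and the spoofed update succeed, and the legitimate device's record is overwritten; with the hardened handler only the genuine registration goes through and each rejection leaves an audit entry, which is the kind of event a detection rule for unexpected device registrations would key on.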

Impact

Successful exploitation of this vulnerability may allow the attacker to take full control of the affected FortiManager system, and with it the configuration data of the FortiGate devices it manages.

Solution

Fortinet has released fixed FortiManager versions for this vulnerability. Users and administrators are encouraged to upgrade to a fixed version as soon as possible. Where an immediate upgrade is not possible, the vendor advisory describes workarounds, including configuring FortiManager to deny connection attempts from devices whose serial numbers are not already registered and restricting access to the FGFM service (TCP port 541) to the IP addresses of known FortiGate devices. Administrators should also review FortiManager logs for unexpected device registrations, since exploitation is observable as unknown devices being added.
