Fortinet has launched security patches for a crucial vulnerability in its FortiSwitch gadgets that may be exploited to vary administrator passwords remotely.
The corporate says Daniel Rozeboom of the FortiSwitch internet UI growth group found the vulnerability (CVE-2024-48887) internally.
Unauthenticated attackers can exploit this unverified FortiSwitch GUI password change security flaw (rated with a 9.8/10 severity rating) in low-complexity assaults that do not require consumer interplay.
Fortinet says menace actors can change credentials utilizing a specifically crafted request despatched through the set_password endpoint.
“An unverified password change vulnerability [CWE-620] in FortiSwitch GUI could permit a distant unauthenticated attacker to change admin passwords through a specifically crafted request,” Fortinet says.
CVE-2024-48887 impacts a number of FortiSwitch variations, from FortiSwitch 6.4.0 and as much as FortiSwitch 7.6.0, and was addressed in FortiSwitch variations 6.4.15, 7.0.11, 7.2.9, 7.4.5, and seven.6.1.
| Model | Affected | Patch |
|---|---|---|
| FortiSwitch 7.6 | 7.6.0 | Improve to 7.6.1 or above |
| FortiSwitch 7.4 | 7.4.0 by way of 7.4.4 | Improve to 7.4.5 or above |
| FortiSwitch 7.2 | 7.2.0 by way of 7.2.8 | Improve to 7.2.9 or above |
| FortiSwitch 7.0 | 7.0.0 by way of 7.0.10 | Improve to 7.0.11 or above |
| FortiSwitch 6.4 | 6.4.0 by way of 6.4.14 | Improve to six.4.15 or above |
For individuals who cannot instantly apply the security updates launched on Tuesday, Fortinet additionally gives a short lived workaround requiring them to disable ‘HTTP/HTTPS Entry’ from administrative interfaces and limit entry to susceptible FortiSwitch gadgets to trusted hosts.
On Tuesday, the corporate additionally patched an OS command injection (CVE-2024-54024) in FortiIsolator and flaws impacting FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice, and FortiWeb (CVE-2024-26013 and CVE-2024-50565) that unauthenticated attackers can exploit in man-in-the-middle assaults.
Fortinet vulnerabilities are sometimes focused within the wild, some exploited as zero days lengthy earlier than the corporate points security patches.
For example, in December, Chinese language hackers used a DeepData post-exploitation toolkit to steal credentials utilizing a zero-day (with no CVE ID) in Fortinet’s FortiClient Home windows VPN shopper.
One other Fortinet FortiManager flaw, dubbed “FortiJump” and tracked as CVE-2024-47575, has been exploited as a zero-day to breach over 50 servers since June 2024.
Extra not too long ago, Fortinet disclosed two extra vulnerabilities (CVE-2024-55591 and CVE-2025-24472) in January and February, additionally exploited as zero days in ransomware assaults.
Primarily based on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK strategies behind 93% of assaults and the right way to defend towards them.
