IT and Cybersecurity News

SECURITY ALERT: FortiManager Vulnerability Actively Exploited as Zero-Day | CVE-2024-47575

Written by Systems Engineering | October 24, 2024

Systems Engineering is aware of the Fortinet FortiManager missing authentication for critical function vulnerability in the fgfmd process, CVE-2024-47575. Reports have shown this vulnerability to be exploited in the wild.

Fortinet rates this vulnerability as CRITICAL.

DESCRIPTION

Fortinet announced due to missing authentication for critical device registration in the FortiManager fgfmd process, it may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. Attackers could use this vulnerability to execute malicious code on the FortiManager, install malware, or create backdoors into FortiManager systems.

SCOPE

This vulnerability is specific to FortiManager and FortiManager Cloud. Per Fortinet’s Security Advisory notice, the specific versions that are affected are as follows:

COURSE OF ACTION

Fortinet has released a patch to remediate affected systems.

For clients who have Systems Engineering manage their FortiManager and FortiManager Cloud, we will proactively patch your systems and will contact you about remediating this vulnerability. FortiManagers can be upgraded without downtime impacting your network performance.

For clients who manage their own FortiManager and FortiManager Cloud, we strongly recommend you have your affected systems patched for this vulnerability. If you would like our assistance with patching, please reach out to Systems Engineering Customer Service at 207.772.4199 to have a ticket opened to get your system updated.

If you are a Systems Engineering client and have questions about this Security Alert, please contact your Account Manager.