A high-level vulnerability has been discovered in Fortinet’s FortiManager product

FortiManager is Fortinet’s network security infrastructure management product, which is used by many organizations to manage and monitor security policies. With it, enterprises can monitor and update their security policies from one place. Therefore, a vulnerability in the FortiManager system can affect all aspects of security.

CVE-2024-47575 (https://nvd.nist.gov/vuln/detail/CVE-2024-47575) is a remote code execution vulnerability that is currently being exploited in the wild. That is, the vulnerability was used in real attacks and malicious code was executed on users’ systems. The most dangerous aspect of this vulnerability is that it allows users to take full control of their systems. This allows attackers to gain unauthorized access to network infrastructure, steal data, and perform other malicious activities.

The vulnerability mainly affects certain versions of FortiManager. Specifically, FortiManager versions 6.x and 7.x are said to be vulnerable to attacks. System updates and security measures are recommended, as attackers are actively exploiting this vulnerability.

The vulnerability allows attackers to gain access to a system by sending specially crafted malicious requests. Attackers can remotely execute code on a system and then gain complete control over the system. This allows not only to steal data, but also to disable the entire network.

Protective measures

1. Fortinet will soon release security updates that address this vulnerability. Users are encouraged to install these updates as soon as possible.
2. Security policies need to be revised and stricter security regulations should be implemented. By monitoring network activity, malicious actions exploiting the vulnerability can be detected.
3. System security can be increased by restricting access to services on the network only to trusted IP addresses.
4. Security monitoring should be strengthened to detect attacks in advance and reduce their damage. Suspicious activities should be investigated immediately.

Vulnerability CVE-2024-47575 (https://nvd.nist.gov/vuln/detail/CVE-2024-47575) poses a significant risk to FortiManager users. This vulnerability could allow attackers to remotely log into the system and execute code. It is therefore recommended that all FortiManager users update their systems promptly and take additional security measures. Fortinet will provide updates to address this vulnerability soon.