Advisory April 9, 2025

Fortinet FortiSwitch Critical Vulnerability with CVE-2024-48887

A vulnerability has been identified in Fortinet’s FortiSwitch product. It could allow an unauthenticated attacker to change administrator passwords and take over the affected accounts. The vulnerability (CVE-2024-48887) carries a Critical CVSSv3.1 score of 9.3 out of 10.

Description:

The flaw lies in the FortiSwitch administrative web GUI when it is exposed over HTTP or HTTPS: a specially crafted request can allow a remote, unauthenticated attacker to change admin account passwords and then log in with them. The issue was discovered and addressed internally.

Given past exploitation of similar weaknesses in the administrative interfaces of Fortinet products, there is a real risk of in-the-wild exploitation once details of the vulnerability become public. Prompt patching and restricting access to the admin interface are strongly advised.

Affected Versions:

The following FortiSwitch versions are vulnerable and require patching:

  • FortiSwitch 7.6.0
  • FortiSwitch 7.4.0 – 7.4.4
  • FortiSwitch 7.2.0 – 7.2.8
  • FortiSwitch 7.0.0 – 7.0.10
  • FortiSwitch 6.4.0 – 6.4.14
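To apply the affected-version list above to a switch inventory, the following is an added example (not code from the advisory or from Fortinet): it parses FortiSwitch version strings and flags any device whose firmware falls inside one of the affected ranges (7.6.0, 7.4.0–7.4.4, 7.2.0–7.2.8, 7.0.0–7.0.10, 6.4.0–6.4.14). The inventory, hostnames and banner format are constructed for illustration.

```python
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Affected version ranges from the advisory, as (lowest, highest) inclusive bounds.
AFFECTED_RANGES = [
    ((7, 6, 0), (7, 6, 0)),
    ((7, 4, 0), (7, 4, 4)),
    ((7, 2, 0), (7, 2, 8)),
    ((7, 0, 0), (7, 0, 10)),
    ((6, 4, 0), (6, 4, 14)),
]

# Matches "7.4.4" or "v7.4.4" inside a longer banner such as "v7.4.4,build0768".
VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Version]:
    """Extract major.minor.patch from a bare version or a status banner; None if absent."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: Version) -> bool:
    """True when the version lies inside any affected range (tuple comparison)."""
    return any(low <= version <= high for low, high in AFFECTED_RANGES)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each hostname to 'VULNERABLE', 'not affected' or 'unknown' (unparseable)."""
    result = {}
    for host, banner in inventory.items():
        version = parse_version(banner)
        if version is None:
            result[host] = "unknown"
        elif is_affected(version):
            result[host] = "VULNERABLE"
        else:
            result[host] = "not affected"
    return result


# Constructed sample inventory (hypothetical devices, not real data).
SAMPLE_INVENTORY = {
    "sw-core-01": "FortiSwitch v7.4.4,build0768 (GA)",  # last affected 7.4.x
    "sw-edge-02": "v7.2.9",                               # first release past the 7.2 range
    "sw-lab-03": "7.6.0",                                 # single affected 7.6 release
    "sw-old-04": "6.4.14",                                # last affected 6.4.x
    "sw-new-05": "7.4.5",                                 # past the 7.4 range
    "sw-bad-06": "n/a",                                   # no version recorded
}
```

Devices reported as "unknown" still need a manual version check before they are treated as safe.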

Recommendations:

References: