⚠ Actively exploited

Added to CISA KEV on 2024-10-23. Federal agencies required to patch by 2024-11-13. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2024-47575 — FortiJump: Missing Authentication for Critical Function in Fortinet Fortimanager

CWE-306 — Missing Authentication for Critical Function16 documents11 sources

Severity

9.8CRITICALNVD

EPSS

93.8%

top 0.13%

CISA KEV

KEV

Added 2024-10-23

Due 2024-11-13

Exploit

Exploited in wild

Active exploitation observed

Affected products

Fortinet Fortimanager Fortinet Fortimanager Cloud

Timeline

PublishedOct 23

KEV addedOct 23

KEV dueNov 13

Latest updateNov 18

CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶NVDfortinet/fortimanager_cloud7.0.1 — 7.0.13+3

▶NVDfortinet/fortimanager6.2.0 — 6.2.13+5

▶CVEListV5fortinet/fortimanager7.4.0 — 7.4.4+5

🔴Vulnerability Details

CVEList

CVE-2024-47575: A missing authentication for critical function in FortiManager 7↗2024-10-23

▶

GHSA

GHSA-hx4q-76p6-78cc: A missing authentication for critical function in FortiManager 7↗2024-10-23

▶

VulnCheck

Fortinet FortiManager Missing Authentication Vulnerability↗2024

▶

💥Exploits & PoCs

Nuclei

FortiManager Unauthenticated Remote Code Execution

▶

🔍Detection Rules

Suricata

ET EXPLOIT Fortinet FortiManager File Transfer Handle Response↗2024-11-18

▶

Suricata

ET EXPLOIT Fortinet FortiManager Unauthenticated Remote Code Execution (CVE-2024-47575) M1↗2024-11-18

▶

Suricata

ET EXPLOIT Fortinet FortiManager Unauthenticated Remote Code Execution (CVE-2024-47575) M2↗2024-11-18

▶

Suricata

ET EXPLOIT Fortinet FortiManager Unauthenticated Get File Transfer Handle↗2024-11-18

▶

Suricata

ET EXPLOIT Fortinet FortiManager Unauthenticated Open Server-Side Channel↗2024-11-18

▶

📋Vendor Advisories

Fortinet

Missing authentication in fgfmsd↗2024-10-23

▶

CISA

Fortinet FortiManager Missing Authentication Vulnerability↗2024-10-23

▶

🕵️Threat Intelligence

Bleepingcomputer

Mandiant says new Fortinet flaw has been exploited since June↗2024-10-24

▶

Bleepingcomputer

Fortinet warns of new critical FortiManager flaw used in zero-day attacks↗2024-10-23

▶

Threat Intel

UNC5820

▶