Fortinet: ‘Critical’ FortiManager Vulnerability Is Seeing Exploitation

‘Reports have shown this vulnerability to be exploited in the wild,’ the security vendor says in an advisory Wednesday.

Fortinet disclosed Wednesday that a critical-severity vulnerability affecting numerous versions of FortiManager has seen exploitation in attacks.

The flaw is tracked as CVE-2024-47575 and can enable remote code execution by an unauthenticated threat actor, according to Fortinet’s advisory.

[Related: Network Security Devices Are The Front Door To An IT Environment, But Are They Under Lock And Key?]

“Reports have shown this vulnerability to be exploited in the wild,” the cybersecurity vendor said in the advisory Wednesday.

It was not immediately clear how widespread the attacks exploiting the FortiManager vulnerability are as of this writing.

The “missing authentication for critical function” vulnerability can allow an attacker to execute code remotely using “specially crafted requests,” Fortinet said. Because the affected function can be reached without credentials, the exposure depends on which networks can send requests to a FortiManager instance, not on whether an attacker holds a valid account.

The vulnerability has received a rating of “critical,” with a CVSS severity score of 9.8 out of 10.0, a score that corresponds to a network-reachable, low-complexity attack requiring no privileges or user interaction. Fortinet has released fixes for the vulnerability in affected versions of FortiManager and FortiManager Cloud.

According to a BleepingComputer report, Fortinet had privately warned customers about the FortiManager vulnerability beginning Oct. 13, and the existence of the flaw was subsequently discussed online before Fortinet published its advisory Wednesday.

In a statement Wednesday, Fortinet said that after the vulnerability was identified, the vendor “promptly communicated critical information and resources to customers.”

This approach was “in line with our processes and best practices for responsible disclosure to enable customers to strengthen their security posture prior to an advisory being publicly released to a broader audience, including threat actors,” the company said in the statement.

Fortinet added that it’s urging customers to “follow the guidance provided to implement the workarounds and fixes.”

Versions of FortiManager that are impacted by the issue include 6.2, 6.4, 7.0, 7.2, 7.4 and 7.6. The flaw also affects FortiManager Cloud 6.4, 7.0, 7.2 and 7.4, according to Fortinet.