CVE-2024-26009 | FortiOS - FortiManager Operational Intel

Executive Risk Summary

"An authentication bypass vulnerability in Fortinet FortiOS and FortiProxy versions allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests. This vulnerability affects devices managed by a FortiManager, and the attacker must know the FortiManager's serial number to exploit it."

Operational Audit Arsenal

Target Type Firmware Image

Target Asset FortiOS

Standard Path Global Firmware

Manual Verification Required

This is a non-Windows asset (Fortinet). Use the target asset details above to verify your version against vendor advisories.

Patch Impact Forecast

Reboot Required Likely

High

Internal Work Notes

Fortinet FortiOS authentication bypass vulnerability (CVE-2024-26009) - verify device version and apply patch if necessary, as this vulnerability allows for unauthenticated device control

Technical Intelligence & Operational Utilities • Delivered Weekly

Intelligence Sources

Official Advisoryhttps://fortiguard.fortinet.com/psirt/FG-IR-24-042

Scope of Impact

Fortinet FortiswitchmanagerFortinet FortipamFortinet FortiosFortinet Fortiproxy

Original NVD Description

"An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number."

Related Fortinet Threats

CVE-2024-23108 CVSS 10

FortiGate - API

CVE-2024-23109 CVSS 10

FortiGate - API

CVE-2023-34992 CVSS 10

FortiGate - API

Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.