Exposures › CVE-2024-55591
An unauthenticated remote attacker can bypass authentication to gain super-admin privileges on Fortinet FortiOS and FortiProxy via a Node.js websocket module flaw.
This authentication bypass allows attackers to escalate to super-admin without credentials, enabling full system compromise and data exfiltration. DIB organizations must patch FortiOS and FortiProxy immediately and verify Node.js websocket module integrity, as this flaw is actively exploited in the wild and linked to ransomware campaigns.
Shame score — A critical authentication bypass in a core firewall product that is actively exploited in the wild and linked to ransomware, demonstrating severe negligence and avoidable risk.
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
No correlated FedRAMP products.