Exposures › CVE-2025-24472
CVE-2025-24472
A remote attacker can bypass authentication to gain super-admin privileges on Fortinet FortiOS and FortiProxy via crafted CSF proxy requests.
This authentication bypass flaw allows remote attackers to escalate to super-admin access without valid credentials, enabling full system compromise. DIB organizations must verify patch levels on Fortinet firewalls and proxies, as this flaw is actively exploited in the wild and linked to ransomware campaigns. Immediate remediation requires applying the latest FortiOS and FortiProxy patches and reviewing network segmentation to limit lateral movement if compromised.
Shame score — A critical authentication bypass in a core firewall product that is actively exploited in the wild and linked to ransomware, demonstrating severe negligence and avoidable risk to defense networks.
Players implicated
Description
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
Affected FedRAMP products 0 in the catalog
No correlated FedRAMP products.