
Fortinet has issued crucial security updates to address a severe vulnerability in FortiSwitch devices. This flaw could allow attackers to change admin passwords without authorization, posing a significant risk to network security.
Understanding the Vulnerability
The vulnerability, identified as CVE-2024-48887, has been assigned a CVSS score of 9.3, indicating its critical nature. The flaw is an unverified password change in the FortiSwitch GUI: a remote attacker could change administrative passwords by sending specially crafted requests.
Affected Versions
The vulnerability impacts several versions of FortiSwitch, necessitating urgent upgrades to secure systems:
- FortiSwitch 7.6.0: Upgrade to version 7.6.1 or later.
- FortiSwitch 7.4.0 through 7.4.4: Upgrade to version 7.4.5 or later.
- FortiSwitch 7.2.0 through 7.2.8: Upgrade to version 7.2.9 or later.
- FortiSwitch 7.0.0 through 7.0.10: Upgrade to version 7.0.11 or later.
- FortiSwitch 6.4.0 through 6.4.14: Upgrade to version 6.4.15 or later.
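The version list above is the data a defender needs for inventory triage, so here is an added example (written for this page, not Fortinet's code) that encodes those ranges and reports, for each device, whether it falls inside an affected range and which release it should be upgraded to. The assumed input format is a version string such as "v7.4.3,build0802" (a leading "v" and trailing build details are tolerated; adjust the regular expression to match whatever your inventory export actually contains), and the sample inventory is constructed.

```python
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges (inclusive bounds) and the first fixed release for each
# branch, taken from the advisory text above. Tuples compare lexicographically.
AFFECTED_RANGES: List[Tuple[Version, Version, Version]] = [
    ((7, 6, 0), (7, 6, 0), (7, 6, 1)),
    ((7, 4, 0), (7, 4, 4), (7, 4, 5)),
    ((7, 2, 0), (7, 2, 8), (7, 2, 9)),
    ((7, 0, 0), (7, 0, 10), (7, 0, 11)),
    ((6, 4, 0), (6, 4, 14), (6, 4, 15)),
]

# Assumption: the version appears as "major.minor.patch", optionally prefixed
# with "v" and followed by build details (e.g. "v7.4.3,build0802"). Real
# inventory exports may differ; adapt the pattern to your data.
VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text: str) -> Version:
    """Extract the first major.minor.patch triple from a version string."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def fmt(v: Version) -> str:
    """Render a version tuple as dotted text, e.g. (7, 4, 5) -> '7.4.5'."""
    return ".".join(str(n) for n in v)


def assess(text: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_version) for one FortiSwitch version string.

    status is one of:
      "affected"   - inside an affected range; upgrade to fixed_version
      "fixed"      - same branch, at or above the first fixed release
      "not listed" - branch not covered by the advisory; verify separately
    """
    v = parse_version(text)
    for low, high, fixed in AFFECTED_RANGES:
        if low <= v <= high:
            return ("affected", fmt(fixed))
        # Same major.minor branch but above the affected range: already fixed.
        if v[:2] == low[:2] and v >= fixed:
            return ("fixed", fmt(fixed))
    return ("not listed", None)


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str, Optional[str]]]:
    """Assess every (hostname, version) pair and return rows for a report."""
    rows = []
    for host, version in inventory:
        status, fixed = assess(version)
        rows.append((host, fmt(parse_version(version)), status, fixed))
    return rows


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = [
    ("sw-core-01", "v7.4.3,build0802"),
    ("sw-access-02", "v7.0.11,build0143"),
    ("sw-lab-03", "7.6.0"),
    ("sw-old-04", "v6.2.7"),
]

if __name__ == "__main__":
    for host, ver, status, fixed in triage(SAMPLE_INVENTORY):
        target = f" -> upgrade to {fixed}" if status == "affected" else ""
        print(f"{host:14} {ver:8} {status}{target}")
```

Devices whose branch the advisory does not mention are reported as "not listed" rather than "fixed", because the absence of a branch from the advisory says nothing about its status; those should be checked against Fortinet's own guidance before being marked clean.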
Mitigation Strategies
Fortinet has published workarounds to reduce risk until the patches are applied: disable HTTP/HTTPS administrative access on the device's interfaces, and restrict administrative access to trusted hosts only.
Proactive Measures
Although there is no current evidence of exploitation, Fortinet emphasizes the importance of prompt action. Previous vulnerabilities in Fortinet products have been targeted by threat actors, highlighting the need for immediate patch application.