Fortinet has issued security updates to address a critical vulnerability in FortiSwitch that could allow an unauthenticated attacker to change administrator passwords.
The flaw, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of 10 and is classified as an unverified password change weakness (CWE-620).
The vulnerability lies in the FortiSwitch GUI and allows a remote, unauthenticated attacker to modify admin passwords via a specially crafted request, with no prior credentials or session required. The following versions are affected (the fixed release is given in parentheses):
- FortiSwitch 7.6.0 (Upgrade to 7.6.1 or above)
- FortiSwitch 7.4.0 through 7.4.4 (Upgrade to 7.4.5 or above)
- FortiSwitch 7.2.0 through 7.2.8 (Upgrade to 7.2.9 or above)
- FortiSwitch 7.0.0 through 7.0.10 (Upgrade to 7.0.11 or above)
- FortiSwitch 6.4.0 through 6.4.14 (Upgrade to 6.4.15 or above)
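To turn the version matrix above into an inventory check, the following script (an added example, not Fortinet tooling) parses FortiSwitch version strings as they appear in `get system status` output and reports whether each device falls inside an affected range and which release fixes it. The ranges are the ones listed above; the inventory and the version-string format it is run against are constructed for the example.

```python
"""Triage a FortiSwitch inventory against the CVE-2024-48887 fixed-version matrix."""
import re

# (branch, first affected, last affected, first fixed), copied from the advisory list above.
AFFECTED_RANGES = [
    ((7, 6), (7, 6, 0), (7, 6, 0), (7, 6, 1)),
    ((7, 4), (7, 4, 0), (7, 4, 4), (7, 4, 5)),
    ((7, 2), (7, 2, 0), (7, 2, 8), (7, 2, 9)),
    ((7, 0), (7, 0, 0), (7, 0, 10), (7, 0, 11)),
    ((6, 4), (6, 4, 0), (6, 4, 14), (6, 4, 15)),
]

# Matches "7.4.4", "v7.4.4" and the longer "v7.4.4,build0772,240523 (GA)" form
# (the build/date suffix is an assumption about the CLI output format and is ignored).
VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Return (major, minor, patch) from a FortiSwitch version string."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised FortiSwitch version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def assess(version_text):
    """Return (status, fix_version): 'vulnerable', 'patched' or 'not_listed'.

    'not_listed' means the release branch does not appear in the advisory at all;
    treat those devices as needing manual review rather than assuming they are safe.
    """
    version = parse_version(version_text)
    for branch, first, last, fixed in AFFECTED_RANGES:
        if version[:2] == branch:
            if first <= version <= last:
                return ("vulnerable", ".".join(str(n) for n in fixed))
            return ("patched", None)
    return ("not_listed", None)


def triage(inventory):
    """Map each device name to its assessment; inventory is {name: version_string}."""
    return {name: assess(ver) for name, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up for the example.
    sample_inventory = {
        "core-sw-01": "FortiSwitch-124F v7.4.4,build0772,240523 (GA)",
        "core-sw-02": "v7.4.5",
        "edge-sw-17": "7.0.10",
        "lab-sw-03": "6.2.7",
    }
    for host, (status, fix) in triage(sample_inventory).items():
        action = f"upgrade to {fix} or later" if status == "vulnerable" else status
        print(f"{host:12} {action}")
```

The `not_listed` outcome is deliberate: a branch absent from the advisory (such as a 6.2 device in the sample) is not evidence that it is unaffected, so the script refuses to call it patched.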
The vulnerability was discovered internally by Daniel Rozeboom, a member of the FortiSwitch web UI development team.
For devices that cannot be upgraded immediately, Fortinet recommends as an interim workaround disabling HTTP/HTTPS access on administrative interfaces and restricting management access to trusted hosts only. Note that this only removes the GUI attack surface; it does not fix the underlying flaw, so upgrading remains the actual remediation. While there is no evidence yet that this vulnerability has been exploited, Fortinet product flaws have repeatedly been weaponized by attackers in the past, so users should apply the patches as soon as possible.