June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Google Chrome Zero-Day Vulnerability Exploited by Lazarus Group by Using Phony DeFi Game – Active IOCs
October 24, 2024
Google Warns of New Fortinet Vulnerability Being Exploited Since June – Active IOCs
October 24, 2024
Google Chrome Zero-Day Vulnerability Exploited by Lazarus Group by Using Phony DeFi Game – Active IOCs
October 24, 2024
Google Warns of New Fortinet Vulnerability Being Exploited Since June – Active IOCs
October 24, 2024
Severity
High
Analysis Summary
CVE-2024-47575
Fortinet FortiManager could allow a remote attacker to execute arbitrary code on the system, caused by a missing authentication for critical function vulnerability in the fgfmd daemon. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or commands on the system.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-47575
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiManager 6.2.0
- Fortinet FortiManager 7.0.0
- Fortinet FortiManager 6.4.0
- Fortinet FortiManager 7.2.0
- Fortinet FortiManager 7.4.0
- Fortinet FortiManager 7.6.0
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.
