TT-CSIRT – 439.09.04.25. Security Update – FortiSwitch Vulnerability
Please be advised that Fortinet has released a security update to address a critical vulnerability (CVE-2024-48887) in the FortiSwitch GUI. This vulnerability could allow a remote, unauthenticated attacker to change administrator passwords via a specially crafted request.
Impact
- Exploitation could lead to full system compromise
- Weakness Enumeration: CWE-620 – Unverified Password Change
- Type: Privilege escalation
Affected Versions
| Version | Affected | Solution |
| --- | --- | --- |
| FortiSwitch 7.6 | 7.6.0 | Upgrade to 7.6.1 or above |
| FortiSwitch 7.4 | 7.4.0 through 7.4.4 | Upgrade to 7.4.5 or above |
| FortiSwitch 7.2 | 7.2.0 through 7.2.8 | Upgrade to 7.2.9 or above |
| FortiSwitch 7.0 | 7.0.0 through 7.0.10 | Upgrade to 7.0.11 or above |
| FortiSwitch 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
Solution: Update affected builds to the latest version listed in the table above.
Workaround
- Disable HTTP/HTTPS access from administrative interfaces.
- Configure trusted hosts to restrict which hosts can connect to the system.
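As an added illustration of the two workarounds above (this is not part of the original TT-CSIRT advisory and is not Fortinet's own text), the following FortiSwitch CLI fragment shows a management interface before and after HTTP/HTTPS access is removed, and an admin account restricted to a trusted management subnet. The interface name `mgmt`, the subnet 10.10.0.0/24 and the exact CLI keywords are assumptions; confirm them against the FortiSwitchOS CLI reference for the running version before applying.

```text
# Before (assumed example state): the GUI is reachable from any host
# that can route to the management interface.
config system interface
    edit "mgmt"
        set allowaccess ping https http ssh
    next
end

# Workaround 1: remove http and https from the allowed services so the
# vulnerable GUI is no longer exposed. The list is replaced as a whole,
# so every service still needed (here ping and ssh) must be restated.
config system interface
    edit "mgmt"
        set allowaccess ping ssh
    next
end

# Workaround 2: limit the admin account to trusted hosts
# (10.10.0.0/24 is an assumed management subnet; repeat for each admin account).
config system admin
    edit "admin"
        set trusthost1 10.10.0.0 255.255.255.0
    next
end
```

Because `set allowaccess` overwrites the full service list, review the current interface configuration first so that out-of-band access (for example SSH) is not removed along with the GUI. Both workarounds only reduce exposure; the upgrade in the table above remains the fix.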
References:
- https://fortiguard.fortinet.com/psirt/FG-IR-24-435
- https://www.cve.org/CVERecord?id=CVE-2024-48887
- https://cwe.mitre.org/data/definitions/620.html
If you have any queries, comments or require assistance, please feel free to contact TT-CSIRT via contacts@ttcsirt.gov.tt