TT-CSIRT – 436.24.10.24. Missing Authentication in FortiManager fgfmd

Fortinet has released a patch for a critical vulnerability in its FortiManager product. The flaw is a missing authentication for critical function weakness [CWE-306] in the FortiManager fgfmd daemon, the service that handles the FortiGate-to-FortiManager (FGFM) protocol used by managed devices to register with and communicate with FortiManager. Because fgfmd does not properly authenticate the peer, a remote, unauthenticated attacker can send specially crafted requests to a FortiManager instance and execute arbitrary code or commands on it; no prior access to the target is required. The issue is tracked as CVE-2024-47575. Reports have shown this vulnerability to be exploited in the wild.

Recommendations:
TT-CSIRT encourages administrators to visit the following link for more information and to take the necessary actions immediately: PSIRT | FortiGuard Labs
Because exploitation in the wild has been reported, upgrading alone is not sufficient assurance: administrators should also review the Fortinet advisory for the indicators of compromise it provides, check FortiManager logs and the list of registered devices for unexpected entries, and treat any match as a possible compromise requiring investigation and recovery before the system is trusted again. Exposure of the FGFM service (TCP port 541) to untrusted networks should be removed where it is not required.
If you have any queries or comments, or require assistance, please feel free to contact the TT-CSIRT via contacts@ttcsirt.gov.tt