skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Fortinet FortiManager Vulnerability Enables Remote Code Execution

/ 1 min read

Fortinet FortiManager vulnerability allows unauthenticated remote code execution. A newly identified vulnerability in Fortinet’s FortiManager and FortiManager Cloud devices enables unauthenticated remote code execution (RCE) with root privileges. This flaw affects multiple versions of FortiManager, including 7.6.0 and earlier versions down to 6.2.0, as well as specific FortiManager Cloud versions. The vulnerability, disclosed on October 23, 2024, is linked to a missing authentication mechanism, allowing attackers to exploit the system without valid credentials. Users are urged to update their systems to mitigate potential risks associated with this security issue. The exploit is part of the Metasploit framework, which provides tools for penetration testing and security assessments.