Fortinet CVE-2024-55591 Vulnerability Exposes Systems to Attacks
/ 1 min read
🚨💻 Fortinet’s CVE-2024-55591 vulnerability exposes systems to remote attacks. On January 14, 2025, Fortinet issued a security advisory regarding an authentication bypass vulnerability in FortiOS and FortiProxy, allowing remote threat actors to gain super-admin privileges via crafted requests. Arctic Wolf had previously tracked a related campaign involving unauthorized administrative logins, leading to the creation of new accounts and VPN access. Affected customers were found to have exposed their Fortigate management interfaces to the public internet. To mitigate risks, Arctic Wolf recommended disabling public access to management interfaces and updating to fixed firmware versions. Specific versions of FortiOS and FortiProxy are affected, while others remain secure. Detailed guidance is available in FortiGuard’s advisory.
