Attack surface management provider watchTowr claims to have found a new zero-day vulnerability in cybersecurity provider Fortinet’s products.
This flaw would allow a managed FortiGate device to elevate privileges and seize control of the FortiManager instance.
This new vulnerability is similar to a previous flaw disclosed in October, CVE-2024-47575, also known as “FortiJump.” Researchers at watchTowr named the new flaw “FortiJump Higher.”
Background on FortiJump
FortiJump, or CVE-2024-47575, is a vulnerability in FortiManager, a Fortinet tool used by device administrators to maintain entire fleets of FortiGate appliances.
More specifically, FortiJump is the result of a missing authentication for a critical function (CWE-306) in the FortiManager fgfmd daemon that allows a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
It allows threat actors to use a compromised FortiManager device to execute arbitrary code or commands against other FortiManager devices.
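To make the CWE-306 pattern concrete, here is a small added illustration (not Fortinet's code, and not a model of the real fgfmd protocol) of a management daemon that executes commands from any device that connects, beside a hardened variant that first checks the device against an administrator-maintained registry and logs every rejection. All names, serial numbers and messages are constructed for the example.

```python
"""
Toy model of CWE-306 (missing authentication for a critical function) in a
device-management daemon, with a hardened counterpart. Added example; the
classes, serials and message format are constructed and do not reflect
Fortinet's implementation.
"""
from dataclasses import dataclass, field


@dataclass
class Manager:
    # Serials an administrator explicitly registered (constructed data).
    known_devices: set = field(default_factory=set)
    # Commands that reached the "critical function" (command execution).
    executed: list = field(default_factory=list)
    # Rejections, so a defender can spot unknown peers hammering the daemon.
    audit_log: list = field(default_factory=list)

    def handle_vulnerable(self, msg: dict) -> bool:
        """CWE-306: trusts whatever serial the peer presents and runs its command."""
        self.executed.append((msg["serial"], msg["command"]))
        return True

    def handle_hardened(self, msg: dict) -> bool:
        """Denies peers the administrator never registered before anything runs."""
        serial = msg.get("serial")
        if serial not in self.known_devices:
            self.audit_log.append(f"DENY unregistered device {serial!r}")
            return False
        self.executed.append((serial, msg["command"]))
        return True


def count_denials(manager: Manager) -> int:
    """Detection helper: number of rejected, unregistered peers seen so far."""
    return sum(1 for line in manager.audit_log if line.startswith("DENY"))


def demo() -> dict:
    """Runs the same unregistered-peer message through both handlers."""
    # Constructed message from a device the administrator never registered.
    rogue = {"serial": "FG-UNKNOWN-0000", "command": "get system status"}
    # Constructed message from a registered device.
    legit = {"serial": "FG-REG-0001", "command": "get system status"}

    vuln = Manager(known_devices={"FG-REG-0001"})
    hard = Manager(known_devices={"FG-REG-0001"})

    return {
        "vulnerable_accepted_rogue": vuln.handle_vulnerable(rogue),
        "hardened_accepted_rogue": hard.handle_hardened(rogue),
        "hardened_accepted_legit": hard.handle_hardened(legit),
        "hardened_denials": count_denials(hard),
        "hardened_executed": list(hard.executed),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the contrast is that the fix is not in the command handler but in front of it: the critical function must only be reachable by peers the administrator has vouched for, and every rejection should be logged so unexpected registration attempts stand out in monitoring.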
This vulnerability, which carries a Common Vulnerability Scoring System (CVSS) score of 9.8, is actively exploited in the wild, sometimes together with CVE-2024-23113, another vulnerability in Fortinet products disclosed in February 2024.