Known Exploited Vulnerability
9.8
CRITICAL CVSS 3.1
CVE-2024-55591
Fortinet FortiOS Authorization Bypass Vulnerability - [Actively Exploited]
Description

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

INFO

Published Date :

Jan. 14, 2025, 2:15 p.m.

Last Modified :

Jan. 23, 2025, 2 a.m.

Remotely Exploit :

Yes !
CISA Notification
CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Description :

Fortinet FortiOS contains an authorization bypass vulnerability that may allow an unauthenticated remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Required Action :

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes :

https://fortiguard.fortinet.com/psirt/FG-IR-24-535 ; https://nvd.nist.gov/vuln/detail/CVE-2024-55591

Affected Products

The following products are affected by CVE-2024-55591 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Fortinet fortios
2 Fortinet fortiproxy
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 CRITICAL [email protected]
CVSS 3.1 CRITICAL [email protected]
Solution
This information is provided by the 3rd party feeds.
  • For 7.0.x, upgrade to Fortigate version 7.0.17 or later.
Public PoC/Exploit Available at Github

CVE-2024-55591 has a 22 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-55591.

URL Resource
https://fortiguard.fortinet.com/psirt/FG-IR-24-535 Mitigation Vendor Advisory
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-55591 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-55591 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

CVE POC repo 자동 수집기

Python

Updated: 19 hours, 36 minutes ago
0 stars 1 fork 1 watcher
Born at : June 8, 2025, 3:07 p.m. This repo has been linked 125 different CVEs too.

None

Python

Updated: 2 months ago
1 stars 1 fork 1 watcher
Born at : May 26, 2025, 11:57 a.m. This repo has been linked 1 different CVEs too.

None

Python

Updated: 3 months, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : April 11, 2025, 1:52 p.m. This repo has been linked 1 different CVEs too.

None

HTML Python Shell

Updated: 1 month, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 13, 2025, 8:50 a.m. This repo has been linked 891 different CVEs too.

None

Updated: 6 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 9, 2025, 2 p.m. This repo has been linked 1 different CVEs too.

#PoC for CVE-2024-55591 Authentication bypass Affects: FortiOS 7.0.0 to 7.0.16 , FortiProxy 7.0.0 to 7.0.19 ,FortiProxy 7.2.0 to 7.2.12

Python

Updated: 6 months, 3 weeks ago
1 stars 1 fork 1 watcher
Born at : Jan. 29, 2025, 7:39 p.m. This repo has been linked 1 different CVEs too.

A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591) in certain Fortinet devices.

attack-surface automated firewall fortinet poc wizard cve-2024-55591

Python

Updated: 2 months, 4 weeks ago
12 stars 5 fork 5 watcher
Born at : Jan. 29, 2025, 2:54 p.m. This repo has been linked 1 different CVEs too.

FortiGate Config Leak Checker

cybersecurity fortigate leak

CSS JavaScript HTML

Updated: 3 months, 1 week ago
2 stars 0 fork 0 watcher
Born at : Jan. 27, 2025, 12:55 p.m. This repo has been linked 2 different CVEs too.

None

Python

Updated: 1 month, 4 weeks ago
65 stars 14 fork 14 watcher
Born at : Jan. 27, 2025, 6:25 a.m. This repo has been linked 1 different CVEs too.

CVE-2024-55591 Opening CMD (Command Line Interface), Creating a Superuser, and Managing VPN Groups

Python

Updated: 6 months, 3 weeks ago
5 stars 1 fork 1 watcher
Born at : Jan. 25, 2025, 2:35 p.m. This repo has been linked 1 different CVEs too.

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy may allow a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Python

Updated: 6 months ago
5 stars 3 fork 3 watcher
Born at : Jan. 24, 2025, 8:29 p.m. This repo has been linked 1 different CVEs too.

Private CVE-2024-55591

Updated: 7 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 24, 2025, 12:59 p.m. This repo has been linked 1 different CVEs too.

None

Updated: 6 months, 2 weeks ago
3 stars 0 fork 0 watcher
Born at : Jan. 22, 2025, 2:16 p.m. This repo has been linked 1 different CVEs too.

None

Python

Updated: 2 months, 3 weeks ago
24 stars 11 fork 11 watcher
Born at : Jan. 21, 2025, 12:30 p.m. This repo has been linked 1 different CVEs too.

Checks for authentication bypass vulnerability inFortinet's FortiOS, potentially exploited by remote attackers.

Updated: 7 months ago
1 stars 0 fork 0 watcher
Born at : Jan. 18, 2025, 3:17 p.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-55591 vulnerability anywhere in the article.

  • BleepingComputer
The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025

Summer 2025 wasn't just hot; it was relentless. Ransomware hammered hospitals, retail giants suffered data breaches, insurance firms were hit by phishing, and nation-state actors launched disruptive c ... Read more

Published Date: Aug 05, 2025 (2 weeks, 5 days ago)
  • CybersecurityNews
New Attack Targeting Japanese Companies Exploiting Ivanti & Fortinet VPN Vulnerabilities

A sophisticated cyber espionage campaign has emerged targeting Japanese organizations through critical vulnerabilities in Ivanti Connect Secure and FortiGate VPN devices. The attack campaign, observed ... Read more

Published Date: Jul 16, 2025 (1 month, 1 week ago)
  • The Hacker News
Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access ... Read more

Published Date: Jun 11, 2025 (2 months, 1 week ago)
  • Cyber Security News
Hackers Actively Exploiting Fortigate Vulnerabilities to Deploy Qilin Ransomware

A new wave of cyberattacks has emerged targeting critical infrastructure through the exploitation of Fortigate security appliance vulnerabilities, with threat actors successfully deploying the notorio ... Read more

Published Date: Jun 09, 2025 (2 months, 2 weeks ago)
  • BleepingComputer
Critical Fortinet flaws now exploited in Qilin ransomware attacks

The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. Qili ... Read more

Published Date: Jun 06, 2025 (2 months, 2 weeks ago)
  • Help Net Security
44% of the zero-days exploited in 2024 were in enterprise solutions

In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities ... Read more

Published Date: Apr 29, 2025 (3 months, 3 weeks ago)
  • The Hacker News
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery

Vulnerability / Threat Intelligence Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated wi ... Read more

Published Date: Apr 21, 2025 (4 months ago)
  • Daily CyberSecurity
China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign

A recent report by TeamT5 has uncovered a widespread cyber espionage campaign targeting Ivanti Connect Secure VPN appliances. The report details how a China-nexus Advanced Persistent Threat (APT) grou ... Read more

Published Date: Apr 15, 2025 (4 months, 1 week ago)
  • Cyber Security News
Hackers Allegedly Selling FortiGate Firewall 0-Day Exploit on Dark Web Forum

A threat actor has reportedly advertised a zero-day exploit targeting Fortinet’s FortiGate firewalls on a prominent dark web forum. The exploit claims to enable unauthenticated remote code execution ( ... Read more

Published Date: Apr 14, 2025 (4 months, 1 week ago)
  • BleepingComputer
Critical FortiSwitch flaw lets hackers change admin passwords remotely

Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. The company says Daniel Rozeboom of the ... Read more

Published Date: Apr 09, 2025 (4 months, 2 weeks ago)
  • security.nl
Fortinet maakt kritiek firewall-lek maand na uitkomen update bekend

Fortinet heeft een kritieke kwetsbaarheid in de firewalls en vpn-oplossingen die het biedt een maand na het uitkomen van de beveiligingsupdate bekendgemaakt. Via het beveiligingslek (CVE-2025-24472) i ... Read more

Published Date: Feb 12, 2025 (6 months, 1 week ago)
  • BleepingComputer
Fortinet warns of new zero-day exploited to hijack firewalls

Fortinet warned today that attackers are exploiting another now-patched zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. Successful exploitation of t ... Read more

Published Date: Feb 11, 2025 (6 months, 1 week ago)
  • BleepingComputer
Fortinet discloses second firewall auth bypass patched in January

Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January. Furthe ... Read more

Published Date: Feb 11, 2025 (6 months, 1 week ago)
  • TheCyberThrone
TheCyberThrone Security Weekly Review – February 01, 2025

Welcome to TheCyberThrone  cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, February 01, 2025.Cyber Incidents at Tat ... Read more

Published Date: Feb 03, 2025 (6 months, 3 weeks ago)
  • TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – January 2025

Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending January 2025Subscribers favorite #1Exploit Code ... Read more

Published Date: Feb 01, 2025 (6 months, 3 weeks ago)
  • TheCyberThrone
VMware Aria Vulnerabilities Addressed

VMware Security Advisory VMSA-2025-0003 addresses multiple vulnerabilities identified in VMware Aria Operations for Logs and VMware Aria Operations. These vulnerabilities, if exploited, could allow at ... Read more

Published Date: Jan 31, 2025 (6 months, 3 weeks ago)
  • TheCyberThrone
PHP Voyager flaws lead to RCE

Three critical vulnerabilities have been disclosed in the open-source PHP package Voyager, a widely used tool for managing Laravel applications. These vulnerabilities, identified as CVE-2024-55417, CV ... Read more

Published Date: Jan 31, 2025 (6 months, 3 weeks ago)
  • TheCyberThrone
CVE-2024-55591 Exploit Code Released for FortiOS Flaw

Cybersecurity company watchTowr Labs has released the proof-of-concept (PoC) exploit code for a severe zero-day vulnerability, CVE-2024-55591, affecting Fortinet’s FortiOS and FortiProxy products. Thi ... Read more

Published Date: Jan 30, 2025 (6 months, 3 weeks ago)
  • Dark Reading
Actively Exploited Fortinet Zero-Day Gives Attackers Super-Admin Privileges

Source: Lutsenko via Oleksandr via ShutterstockFortinet has patched an actively exploited zero-day authentication bypass flaw affecting its FortiOS and FortiProxy products, which attackers have been e ... Read more

Published Date: Jan 28, 2025 (6 months, 3 weeks ago)
  • Help Net Security
Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 48,000+ internet-facing Fortinet firewalls still open to attack Despite last week’s confirmation of an ... Read more

Published Date: Jan 26, 2025 (6 months, 4 weeks ago)

The following table lists the changes that have been made to the CVE-2024-55591 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Jan. 23, 2025

    Action Type Old Value New Value
    Changed Vulnerability Name Fortinet FortiOS Authorization Bypass Vulnerability Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
  • Initial Analysis by [email protected]

    Jan. 15, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added CWE NIST NVD-CWE-Other
    Added CPE Configuration OR *cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* versions from (including) 7.0.0 up to (excluding) 7.0.20 *cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* versions from (including) 7.2.0 up to (excluding) 7.2.13 *cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* versions from (including) 7.0.0 up to (excluding) 7.0.17
    Changed Reference Type https://fortiguard.fortinet.com/psirt/FG-IR-24-535 No Types Assigned https://fortiguard.fortinet.com/psirt/FG-IR-24-535 Mitigation, Vendor Advisory
  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Jan. 15, 2025

    Action Type Old Value New Value
    Added Date Added 2025-01-14
    Added Due Date 2025-01-21
    Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
    Added Vulnerability Name Fortinet FortiOS Authorization Bypass Vulnerability
  • New CVE Received by [email protected]

    Jan. 14, 2025

    Action Type Old Value New Value
    Added Description An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-288
    Added Reference https://fortiguard.fortinet.com/psirt/FG-IR-24-535
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
Base CVSS Score: 9.8
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact