CVE-2024-47575

Published Oct 23, 2024

Last updated 2 months ago

Insights

Analysis from the Intruder Security Team
Published Oct 24, 2024

For a FortiManager instance to be exploitable through this vulnerability (FortiJump), the FGFM protocol (tcp/541, or tcp/542 if using IPv6) needs to be exposed to the internet, either by the FortiManager instance itself or by a FortiGate device that is connected to a vulnerable FortiManager instance. This is because the FGFM protocol can allow access to FortiManager devices that sit behind NAT if a FortiGate product is exposed to the internet and has FGFM enabled.

FGFM also needs to be enabled; it is now disabled by default following the patch for CVE-2024-23113.

Mandiant has published a comprehensive article on this weakness, its use in the wild by threat actors, IOCs and mitigation strategies. watchTowr has released a second blog post explaining the full technical details of this attack, in which it outlines how the original mitigations did not fully patch systems against this vulnerability.

Intruder customers can use the attack surface view to find out if they have port tcp/541 exposed to the internet.

Overview

Description: A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.
Source: psirt@fortinet.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Known exploits

Data from CISA

Vulnerability name: Fortinet FortiManager Missing Authentication Vulnerability
Exploit added on: Oct 23, 2024
Exploit action due: Nov 13, 2024
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

psirt@fortinet.com: CWE-306

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 1

  1. Just had a thought 💭: Over 15,000 FortiGate devices breached via the zero-day vulnerability CVE-2024-47575 😱. Hackers are stealing IPs & credentials! 🔑 Time to prioritize patching and monitoring! ⏳🔒 #CyberSecurity #InfoSec #ZeroDay https://t.co/lLHoZsYcl0 https://t.co/PwK

    @WTE_Solutions

    17 Jan 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 Zero-Day Alert: CVE-2024-47575 🚨 A critical exploit targets FortiManager, threatening network infrastructure. 💻 Read the analysis and the defences here: https://t.co/q5xPKbB9Kx Bluesec – Securing tomorrow, today. #CyberSécurité #ZeroDay #FortiManager https://t.co/nPgzGUZUY

    @Bluesec_CS

    6 Jan 2025

    23 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-47575: A missing authentication for critical function in FortiManager FortiManager Cloud allows attacker to execute arbitrary code or commands via specially crafted requests. https://t.co/vMeGkWr0dL https://t.co/BMqelQe9sY

    @cyber_advising

    5 Jan 2025

    1337 Impressions

    6 Retweets

    28 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  4. Fortinet Releases Security Updates for FortiManager Fortinet has released a security update to address a critical vulnerability in FortiManager, identified as CVE-2024-47575. This flaw allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially

    @DefendEdge

    20 Dec 2024

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

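  5. My personal top 3 exploited vulnerabilities of 2024. ・Multiple vulnerabilities in Ivanti Connect Secure (CVE-2023-46805 and others) ・The PAN-OS vulnerability (CVE-2024-3400) ・The FortiManager vulnerability (CVE-2024-47575) All of them were disclosed after already being exploited, so alongside patching you should first investigate whether you were compromised, but many organizations did not and have not noticed that they were compromised.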

    @Sec_S_Owl

    19 Dec 2024

    1377 Impressions

    1 Retweet

    25 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  6. AttackerKB @ rapid7 Analysis for 'CVE-2024-47575'

    @byt3n33dl3

    19 Dec 2024

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Our team investigated the “FortiJump” vulnerability (CVE-2024-47575), uncovering risks exploited in the wild. Includes: • PoC & exploit analysis • Secure device management tips • Why proactive defense matters Full analysis: https://t.co/jVSDprxcSz #cybersecurity #FortiJump

    @bishopfox

    29 Nov 2024

    397 Impressions

    0 Retweets

    3 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  8. FortiManager zero-day vulnerability FortiJump CVE-2024-47575: PoC released https://t.co/Yc2wspSoYT #CyberAttack #DataBreach #Exploit #FortiJump #Fortinet #FortiAnalyzer #FortiManager #Mandiant #PoCExploit #UNC5820 #Vulnerability #ZeroDay

    @iototsecnews

    27 Nov 2024

    53 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. GitHub - watchtowrlabs/Fortijump-Exploit-CVE-2024-47575: Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575 https://t.co/FHz2FHTXN5

    @akaclandestine

    24 Nov 2024

    1548 Impressions

    12 Retweets

    25 Likes

    7 Bookmarks

    8 Replies

    0 Quotes

  10. Actively exploited CVE : CVE-2024-47575

    @transilienceai

    23 Nov 2024

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  11. CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud https://t.co/FDD4y2HOjO https://t.co/luNmqt6SYk

    @IT_Peurico

    20 Nov 2024

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud https://t.co/kUPbJstqIr https://t.co/C4TJvvhEho

    @IT_Peurico

    20 Nov 2024

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  13. 🚨Alert🚨CVE-2024-47575: Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump 🔥PoC & Deep Dive: https://t.co/KrEvYPIZG9 🧐Git Link: : https://t.co/aOdodYPJZZ 📊 9.9K+ Services are found on https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:… https://t.co/M7K

    @HunterMapping

    19 Nov 2024

    3489 Impressions

    17 Retweets

    55 Likes

    25 Bookmarks

    1 Reply

    0 Quotes

  14. Actively exploited CVE : CVE-2024-47575

    @transilienceai

    19 Nov 2024

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. Updated Post: Critical Vulnerability in FortiManager Allows Remote Code Execution (CVE-2024-47575) https://t.co/9lc6RveXzM

    @hualkana

    18 Nov 2024

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. New Post: Critical Vulnerability in FortiManager Allows Remote Code Execution (CVE-2024-47575) https://t.co/9lc6RveXzM

    @hualkana

    18 Nov 2024

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. 🛑 Fortinet: the patch for the FortiJump security flaw (CVE-2024-47575) in FortiManager can be bypassed! A new zero-day flaw has been discovered! 👉 More info: https://t.co/c7kHxMDkGD #Fortinet #cybersecurite https://t.co/c7kHxMDkGD

    @ITConnect_fr

    18 Nov 2024

    66 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. PoC Exploit Releases for Zero-Day CVE-2024-47575 Flaw in Fortinet FortiManager With a CVSS score of 9.8, this critical flaw in FortiManager and FortiAnalyzer devices allows remote, unauthenticated attackers to execute arbitrary code https://t.co/k47Z0OLaMG

    @the_yellow_fall

    18 Nov 2024

    724 Impressions

    6 Retweets

    12 Likes

    2 Bookmarks

    0 Replies

    1 Quote

  19. Top 5 Trending CVEs: 1 - CVE-2024-23113 2 - CVE-2024-7965 3 - CVE-2024-47575 4 - CVE-2024-43451 5 - CVE-2024-5690 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    17 Nov 2024

    185 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Alert regarding the missing authentication for critical function vulnerability (CVE-2024-47575) and others in Fortinet FortiManager https://t.co/ssuEWzBsfV @jpcert

    @hatunknown

    16 Nov 2024

    144 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. A zero-day vulnerability in Fortinet's FortiManager, FortiJump Higher, has been discovered. Reported by watchTowr. It results from the fix for FortiJump (CVE-2024-47575) being inadequate. https://t.co/gPM4hSTr4v

    @__kokumoto

    16 Nov 2024

    4252 Impressions

    25 Retweets

    48 Likes

    21 Bookmarks

    0 Replies

    2 Quotes

  22. Two weeks ago, my team (Capability Development Group @ Bishop Fox) published a deep dive on FortiManager in support of analyzing FortiJump (CVE-2024-47575, missing authentication in fgfmsd), which is being actively exploited in the wild. We cover prerequisite steps for discovering…

    @noperator

    15 Nov 2024

    13431 Impressions

    18 Retweets

    77 Likes

    32 Bookmarks

    2 Replies

    3 Quotes

  23. ...and we now have a @metasploit exploit module in the pull queue for the FortiManager vuln (CVE-2024-47575): https://t.co/dg1wMJLCuE https://t.co/adGGtLS0Hb

    @stephenfewer

    15 Nov 2024

    19121 Impressions

    62 Retweets

    200 Likes

    77 Bookmarks

    4 Replies

    2 Quotes

  24. GitHub - watchtowrlabs/Fortijump-Exploit-CVE-2024-47575: Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575 https://t.co/FHz2FHTXN5

    @akaclandestine

    15 Nov 2024

    759 Impressions

    6 Retweets

    8 Likes

    3 Bookmarks

    2 Replies

    0 Quotes

  25. Critical vulnerability discovered in fortimanager: what you need to know https://t.co/znSbjUBOlG #CVE-2024-47575 #FortiManager kwetsbaarheid #Cyberbeveiliging #Fortinet #Software update #Trending #Tech #Nieuws

    @TrendingNewsBot

    15 Nov 2024

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. Critical vulnerability discovered in fortimanager: urgent security update required https://t.co/eXPuCFksjL #CVE-2024-47575 #FortiManager kwetsbaarheid #Fortinet beveiligingsupdate #kritieke cyberbeveiliging #netwerkbeveiliging #Trending #Tech #Nieuws

    @TrendingNewsBot

    15 Nov 2024

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Critical fortinet fortimanager vulnerability discovered: what you need to know https://t.co/9smW2mpsCa #Fortinet FortiManager kwetsbaarheid #CVE-2024-47575 #fortimanager beveiligingslek #kritieke cybersecurity bedreiging #fortimanager authenticatie fout #Trending #Tech #Nieuws

    @TrendingNewsBot

    15 Nov 2024

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575 https://t.co/X3wslAacax

    @tbbhunter

    15 Nov 2024

    737 Impressions

    0 Retweets

    10 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

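  29. [Update] We have updated our alert regarding the vulnerability (CVE-2024-47575) and others in Fortinet FortiManager. Information explaining the details of this vulnerability, and information pointing out that another vulnerability exists, has been observed. Please consider applying countermeasures and conducting investigations based on the latest information published by Fortinet and others. ^KK https://t.co/Zgw0z5dptb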

    @jpcert

    15 Nov 2024

    4866 Impressions

    10 Retweets

    22 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  30. CVE-2024-47575 Fortinet FortiManager RCE exp(FortiJump) https://t.co/HId9RlOJMC https://t.co/RakIp2Zitt

    @gov_hack

    15 Nov 2024

    794 Impressions

    2 Retweets

    7 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  31. 🚨 Fortinet FortiManager Unauthenticated RCE (CVE-2024-47575) 🛠 Affects All of Its Versions 🔗 Research: https://t.co/SPJFpwOUiX 🔗 Source: https://t.co/3WfY3QMrDS #fortinet #fortimanager #fgfm #unauth #rce https://t.co/m4NKhYBYBR

    @HackingTeam777

    14 Nov 2024

    9233 Impressions

    51 Retweets

    195 Likes

    104 Bookmarks

    0 Replies

    0 Quotes

  32. Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575 https://t.co/54qWebqoRi

    @Dinosn

    14 Nov 2024

    1713 Impressions

    1 Retweet

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  33. hop skip jump over to our latest blog post - analysing Fortinet's FortiJump CVE-2024-47575, FortiJump-Higher (we love this name😄) and beyond (PoC included) https://t.co/35Xg2OoKgP

    @watchtowrcyber

    14 Nov 2024

    21010 Impressions

    61 Retweets

    147 Likes

    56 Bookmarks

    6 Replies

    6 Quotes

  34. We have just published our AttackerKB @rapid7 Analysis for CVE-2024-47575, the recent FortiManager 0day, aka FortiJump 🔥 Read our full technical analysis; detailing firmware decryption, protocol analysis, and unauthenticated RCE 🚀 https://t.co/axuhj0kMuN

    @stephenfewer

    13 Nov 2024

    27762 Impressions

    56 Retweets

    130 Likes

    46 Bookmarks

    6 Replies

    5 Quotes

  35. Actively exploited CVE : CVE-2024-47575

    @transilienceai

    12 Nov 2024

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  36. Actively exploited CVE : CVE-2024-47575

    @transilienceai

    12 Nov 2024

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. CVE-2024-47575, for @Fortinet FortiManager [7.6.0 through 6.4.7]; rated CVSS 9.8; has a mitigation date recommendation by @NISTcyber of this Wednesday, November 13. Reports of weaponization are trickling around the interwebs. https://t.co/kVSduOI7So

    @Sujeet

    11 Nov 2024

    89 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. Fortinet discloses critical zero-day vulnerability "CVE-2024-47575", warns customers: Cybersecurity Dive - ITmedia Enterprise https://t.co/MlTgqH0zwM An article about the security advisory that was updated on 10/30.

    @Syynya

    11 Nov 2024

    97 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  39. Actively exploited CVE : CVE-2024-47575

    @transilienceai

    10 Nov 2024

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  40. Alert regarding the missing authentication for critical function vulnerability (CVE-2024-47575) and others in Fortinet FortiManager https://t.co/ArTAnzNbXH Some of the issues are not limited to FortiManager

    @AssHairGundam

    10 Nov 2024

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. Mandiant and Fortinet probed mass exploitation of FortiManager (CVE-2024-47575), with threat group UNC5820 targeting configs of managed devices. https://t.co/rqGE8zmWLV

    @aamirhabib911

    9 Nov 2024

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. [ITmedia Enterprise] Cybersecurity Dive: Fortinet discloses critical zero-day vulnerability "CVE-2024-47575", warns customers https://t.co/GbR5j98WeI

    @itmedia

    9 Nov 2024

    1830 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  43. Actively exploited CVE : CVE-2024-47575

    @transilienceai

    8 Nov 2024

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  44. [FortiManager vulnerability information has been published (CVE-2024-47575)] All users are asked to take measures to prevent harm. Fortinet website ☞ https://t.co/5Co6fgKQcg #愛媛県警 #サイバーセキュリティ #脆弱性 #Fortinet https://t.co/0IuKQ6fLoY

    @ehimepolice

    8 Nov 2024

    2532 Impressions

    14 Retweets

    18 Likes

    1 Bookmark

    0 Replies

    1 Quote

  45. CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud https://t.co/oWDx0k70eV https://t.co/Md7PWV86q4

    @NickBla41002745

    7 Nov 2024

    88 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. Actively exploited CVE : CVE-2024-47575

    @transilienceai

    5 Nov 2024

    72 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  47. Dangerous FortiJump vulnerability (CVE-2024-47575) https://t.co/vZbY4q1yHi #cve_2024_47575 #fgfmprotocol #fortigatesecurity #fortijump #fortimanagervulnerability #fortinetflaw #mitigationmeasures #networksecurity #systemcompromises #zerodayvulnerability

    @SajberInfoBlog

    5 Nov 2024

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. Bishop Fox explores “FortiJump” (CVE-2024-47575) – a FortiManager vulnerability exploited in the wild. See how we analyzed the exploit, cracked firmware encryption, & what it means for security teams. Full analysis: https://t.co/F429OkilyC #cybersecurity #BFLabs #FortiJump

    @JeffMultz

    5 Nov 2024

    113 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Excited to share our research and analysis on Fortinet's latest 0-day! CVE-2024-47575 https://t.co/QPt4oRvau9

    @jpg_lab

    4 Nov 2024

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. 🚨🔓 Fully patched @Fortinet’s FortiManager is still vulnerable to CVE-2024-47575. According to @watchtowrcyber “Please, remove this from the Internet *even if fully patched* speak soon.” https://t.co/47XrGAUnET

    @IntCyberDigest

    4 Nov 2024

    598 Impressions

    0 Retweets

    4 Likes

    1 Bookmark

    1 Reply

    0 Quotes

Configurations