CVE-2024-48887

🚨 Critical alert for Fortinet users! A 9.3 CVSS flaw (CVE-2024-48887) in FortiSwitch lets hackers remotely change admin passwords — no login needed. 🔧 Fix it: Upgrade ASAP (7.6.1+, 7.4.5+, 7.2.9+, 7.0.11+, 6.4.15+) ⚡ No exploits yetbut Fortinet bugs have been weaponized https

Actively exploited CVE : CVE-2024-48887

A new Fortinet vulnerability just dropped – and it’s a big one. CVE-2024-48887 lets attackers reset FortiSwitch admin passwords without authentication. One crafty HTTP request, and boom — full control over your switch. https://t.co/Q0HDxE0egm

Fortinet patches critical FortiSwitch vuln (CVE-2024-48887) allowing unauthenticated password changes via GUI. Affected: v6.4–7.6 Fix: Upgrade to 6.4.15, 7.0.11, 7.2.9, 7.4.5, or 7.6.1 Temp fix: Disable web admin access #CyberSecurity #Fortinet #CVE202448887 https://t.co/q667

🗞️ Critical FortiSwitch Flaw Enables Remote Admin Password Takeover by Hackers Fortinet’s FortiSwitch has a critical flaw (CVE-2024-48887) that lets hackers remotely change admin passwords. Rated 9.8/10 in severity, it’s a high-risk threat with no known exploits yet. Patch now

#FortiSwitch #vulnerability may give attackers control over vulnerable devices (#CVE-2024-48887) https://t.co/nkZQrmR4Cj

📢 CiberSeguridad en menos de 5 minutos 🛠️ Oracle niega brecha en la nube – Ataque afectó solo a dos servidores obsoletos; no hubo acceso a Oracle Cloud Infrastructure ni datos de clientes. 🔐 FortiSwitch con fallo crítico – CVE-2024-48887 permite a atacantes no autenticados ht

This week's major security updates: Fortinet patched a critical FortiSwitch flaw (CVE-2024-48887, 9.8 CVSS), WhatsApp fixed a malware trick (CVE-2025-30401), SAP addressed code injection (CVE-2025-27429, CVE-2025-31330) & auth bypass (CVE-2025-30016).

#CybersecurityNEWS🔴👨💻👾 Fortinet ha lanzado un parche para solucionar una vulnerabilidad crítica en FortiSwitch (CVE-2024-48887) que podría permitir a atacantes remotos cambiar contraseñas de administrador.  Ver más: https://t.co/9jwvu27u5e #ciberseguridad #DevelNews https:/

🚨 Critical flaw (CVE-2024-48887) in FortiSwitch devices allows unauthenticated attackers to change admin passwords remotely! Versions 6.4.0 to 7.6.0 impacted. Patches available. ⚠️ #Fortinet #InfoSec #USA link: https://t.co/lMhTYULXXp https://t.co/L3oW0NLms2

Security Alert – CVE-2024-48887** Critical vulnerability in FortiSwitch GUI (CVSS 9.3) Unauthenticated attackers can remotely change admin passwords. Download the alert: https://t.co/DTzhZJqbLJ Join the CERT group: https://t.co/dXZWcdoewE 1/3 https://t.co/hfR6sYz3a7

🚨 CVE-2024-48887 — Critical FortiSwitch flaw (CVSS 9.3)  Unauthenticated attackers can change admin passwords via the GUI.  Notes:  - FortiSwitch 6.4.0 → 7.6.0  - Patch now.  - Workaround: Disable HTTP/HTTPS from administrative interfaces.  Discovered internally by https://t.

🚨 CVE-2024-48887 — Critical FortiSwitch flaw (CVSS 9.3)  Unauthenticated attackers can change admin passwords via the GUI.  Impacted:  - FortiSwitch 6.4.0 → 7.6.0  - Patch now.  - Workaround: Disable HTTP/HTTPS from administrative interfaces.  Discovered internally by https:/

Fortinet has issued updates for a critical #flaw in FortiSwitch (CVE-2024-48887, CVSS 9.3) that could let attackers change admin passwords remotely via crafted requests. Users are advised to apply the updates promptly☝️🛡️ #vulnerability https://t.co/V4ccnCW5pw

⚠️ Critical vulnerability (CVE-2024-48887) found in Fortinet FortiSwitch GUI—unauthenticated attackers can change admin passwords remotely. CVSS score: 9.8 🚨 Read the full details: https://t.co/EgZLbyulXf #CyberSecurity #Fortinet #CVE202448887

Threat Alert: Fortinet Warns of Multiple Vulnerabilities in FortiAnalyzer, FortiManager, &amp- CVE-2024-48887 Severity: 🔴 High Maturity: 🧨 Trending Learn more: https://t.co/Xoqs2rWVzq #CyberSecurity #ThreatIntel #InfoSec

🚨Alert🚨 CVE-2024-48887: A unverified password change vulnerability in Fortinet FortiSwitch GUI 📊 2.7K+ Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/H3CFyeK5eO 👇Query HUNTER : https://t.co/q9rtuGgxk7="FortiSwitch" FOFA : https://t.co/uxk

An extremely critical vulnerability, tracked as CVE-2024-48887 CVSS 9.3 🚨, has been discovered in the FortiSwitch GUI. This unverified password change flaw [CWE-620] could allow a remote, unauthenticated attacker to modify administrator passwords by sending a specially crafted h

⚠️ Vulnerability Alert: Fortinet FortiSwitch Unverified Password Change Flaw 📅 Timeline: Disclosure: 2024-01-14, Patch: 2025-04-08 🆔 CVE: [CVE-2024-48887](https://t.co/kWCEW2JdZC) 📊 BaseScore: 9.3 📏 CVSS Metrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvssSeverity:

🚨 Critical alert for Fortinet users! A 9.3 CVSS flaw (CVE-2024-48887) in FortiSwitch lets hackers remotely change admin passwords — no login needed. 🔧 Fix it: Upgrade ASAP (7.6.1+, 7.4.5+, 7.2.9+, 7.0.11+, 6.4.15+) ⚡ No exploits yet—but Fortinet bugs have been weaponized http

CVE-2024-48887 A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted … https://t.co/8ZSLMPM5PJ

フォーティネット社がFortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiVoice, FortiWeb, FortiSwitch等で複数の脆弱性を修正。FG-IR-24-435 (CVE-2024-48887)はFortiSwitchのHTTP/HTTPS管理IF経由で、認証無しで管理者パスワードを変更できる重大(Critical)なもの。 https://t.co/qJc0dy73EI