CVE-2024-48889 is an OS Command Injection vulnerability (CWE-78) identified in Fortinet’s FortiManager and FortiManager Cloud products. This flaw allows an authenticated remote attacker to execute unauthorized code or commands by sending specially crafted FGFM (FortiGate to FortiManager) requests.
Affected Versions:
- FortiManager:
  - 7.6.0
  - 7.4.0 through 7.4.4
  - 7.2.3 through 7.2.7
  - 7.0.5 through 7.0.12
  - 6.4.10 through 6.4.14
- FortiManager Cloud:
  - 7.4.1 through 7.4.4
  - 7.2.1 through 7.2.7
  - 7.0.1 through 7.0.12
Additionally, older FortiAnalyzer models (1000E, 1000F, 2000E, 3000E, 3000F, 3000G, 3500E, 3500F, 3500G, 3700F, 3700G, 3900E) with the fmg-status feature enabled are also impacted.
Severity:
Fortinet has assigned this vulnerability a CVSSv3 score of 7.2, categorizing it as ‘High’ severity.
Mitigation:
Fortinet recommends updating to the following versions to address this vulnerability:
- FortiManager:
  - Upgrade to 7.6.1 or above
  - Upgrade to 7.4.5 or above
  - Upgrade to 7.2.8 or above
  - Upgrade to 7.0.13 or above
  - Upgrade to 6.4.15 or above
- FortiManager Cloud:
  - Upgrade to 7.4.5 or above
  - Upgrade to 7.2.8 or above
  - Upgrade to 7.0.13 or above
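As an added example (not Fortinet's code or part of the advisory), a small Python check that classifies an inventory of FortiManager and FortiManager Cloud versions against the affected ranges listed above and names the fixed release for each hit; the function names and the sample hostnames are this example's own assumptions.

```python
# Added example (not Fortinet's code): classify versions against the ranges above.

AFFECTED = {
    "FortiManager": [
        # (first affected, last affected, fixed release), from the advisory
        ("7.6.0", "7.6.0", "7.6.1"),
        ("7.4.0", "7.4.4", "7.4.5"),
        ("7.2.3", "7.2.7", "7.2.8"),
        ("7.0.5", "7.0.12", "7.0.13"),
        ("6.4.10", "6.4.14", "6.4.15"),
    ],
    "FortiManager Cloud": [
        ("7.4.1", "7.4.4", "7.4.5"),
        ("7.2.1", "7.2.7", "7.2.8"),
        ("7.0.1", "7.0.12", "7.0.13"),
    ],
}

def parse_version(v):
    """'7.4.10' -> (7, 4, 10); numeric so that 7.4.10 sorts after 7.4.4."""
    parts = v.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected version format: {v!r}")
    return tuple(int(p) for p in parts)

def fixed_release(product, version):
    """Return the release to upgrade to if (product, version) is affected, else None."""
    if product not in AFFECTED:
        raise ValueError(f"unknown product: {product!r}")
    ver = parse_version(version)
    for low, high, fixed in AFFECTED[product]:
        if parse_version(low) <= ver <= parse_version(high):
            return fixed
    return None

def triage(inventory):
    """(host, product, version) rows -> rows that need an upgrade, with the target release."""
    findings = []
    for host, product, version in inventory:
        fixed = fixed_release(product, version)
        if fixed is not None:
            findings.append((host, product, version, fixed))
    return findings

# Constructed sample inventory; hostnames are placeholders, not real devices.
SAMPLE_INVENTORY = [
    ("fmg-01.example.test", "FortiManager", "7.4.10"),         # already above 7.4.5
    ("fmg-02.example.test", "FortiManager", "7.2.3"),          # affected
    ("fmgc-01.example.test", "FortiManager Cloud", "7.0.12"),  # affected
]
```

Versions are compared as integer tuples on purpose: a plain string comparison would place "7.4.10" below "7.4.4" and flag a patched device as vulnerable.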
See more details on: