Post

Fortinet's Critical FortiSwitch Vulnerability: What You Need to Know

Posted
By Vitus White
2 min read
Fortinet's Critical FortiSwitch Vulnerability: What You Need to Know

TL;DR

Fortinet has addressed a critical vulnerability in its FortiSwitch devices that allows remote attackers to change administrator passwords. The flaw, identified as CVE-2024-48887, affects multiple versions of FortiSwitch and can be mitigated by updating to the latest software versions.

Fortinet Addresses Critical Vulnerability in FortiSwitch Devices

Fortinet has recently released security updates to address a critical vulnerability in its FortiSwitch devices. This flaw, tracked as CVE-2024-48887 with a CVSS score of 9.8, allows remote attackers to change administrator passwords1.

Vulnerability Details

The vulnerability, classified as an unverified password change issue (CWE-620), affects the FortiSwitch GUI. It enables remote, unauthenticated attackers to modify administrator passwords through specially crafted requests2. The flaw was internally discovered and reported by Daniel Rozeboom of the FortiSwitch web UI development team3.

Affected Versions and Solutions

The vulnerability impacts the following FortiSwitch versions:

Version Affected Versions Solution
FortiSwitch 7.6 7.6.0 Upgrade to 7.6.1 or above
FortiSwitch 7.4 7.4.0 through 7.4.4 Upgrade to 7.4.5 or above
FortiSwitch 7.2 7.2.0 through 7.2.8 Upgrade to 7.2.9 or above
FortiSwitch 7.0 7.0.0 through 7.0.10 Upgrade to 7.0.11 or above
FortiSwitch 6.4 6.4.0 through 6.4.14 Upgrade to 6.4.15 or above

Fortinet recommends disabling HTTP/HTTPS admin access and limiting FortiSwitch access to trusted hosts as a temporary workaround for unpatched systems.

In June 2024, Fortinet addressed another significant flaw, CVE-2024-26010. This stack-based overflow vulnerability (CWE-124) affects FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager. It could allow remote attackers to execute arbitrary code or commands by sending crafted packets to the fgfmd daemon. However, the exploitability of this vulnerability depends on specific conditions that are not controllable by the attacker4.

Conclusion

Fortinet’s prompt response to the critical FortiSwitch vulnerability underscores the importance of regular security updates and vigilant monitoring. Users are advised to update their FortiSwitch devices to the latest versions to mitigate potential risks. Staying informed about such vulnerabilities and taking proactive measures is crucial for maintaining robust cybersecurity defenses.

For more details, visit the full article: source

References

  1. (2025, April 9). “Fortinet addresses critical vulnerability in FortiSwitch devices”. Security Affairs. Retrieved 2025, April 9. ↩︎

  2. (2025, April 9). “Fortinet Advisory”. Fortinet. Retrieved 2025, April 9. ↩︎

  3. (2025, April 9). “Fortinet Advisory”. Fortinet. Retrieved 2025, April 9. ↩︎

  4. (2025, April 9). “Fortinet Addresses High-Severity Code Execution Flaws”. Security Affairs. Retrieved 2025, April 9. ↩︎

Cybersecurity & Data Protection, Vulnerabilities
fortinet fortiswitch cybersecurity
This post is licensed under CC BY 4.0 by the author.