CRITICAL🇵🇱 Wersja polska

CVE-2024-48887

CVSS 9.8v3.1pub. 2025-04-08upd. 2025-07-23

A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request

🤖 AI Analysis
How it works

The password change mechanism in FortiSwitch GUI does not verify the identity of the requester — proper authentication is missing before executing the password modification operation (CWE-620: Unverified Password Change). The attacker sends a properly crafted HTTP request to the management interface, bypassing all access control mechanisms. As a result, the administrator account password is overwritten with a value controlled by the attacker without requiring knowledge of the current password or possessing an active session.

Impact

An attacker can gain full administrative control over the FortiSwitch device, enabling modification of network configuration, disabling security measures, lateral movement within the infrastructure, and further compromise of the network environment.

Mitigation & patch

Apply patches available from the manufacturer according to references (https://fortiguard.fortinet.com/psirt/FG-IR-24-435). As an interim remedial measure, it is recommended to restrict access to the FortiSwitch GUI interface exclusively to trusted IP addresses through firewall rules and to disable GUI access from untrusted networks if not strictly necessary.

Who is affected

Fortinet FortiSwitch — versions specified in manufacturer references (bulletin FG-IR-24-435)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortiswitch

    OS
    Fortinet
    7.6.06.4.0 – 6.4.15 (bez)7.0.0 – 7.0.11 (bez)7.2.0 – 7.2.9 (bez)7.4.0 – 7.4.5 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2023-25610CRITICAL9.8PL ✓ten sam produkt

Buffer Underflow w interfejsie administracyjnym Fortinet FortiOS / FortiProxy — RCE bez uwierzytelnienia

CVE-2023-37936CRITICAL9.8PL ✓ten sam produkt

Fortinet FortiSwitch — użycie zakodowanego klucza kryptograficznego umożliwia RCE

CVE-2016-4573CRITICAL9.8ten sam produkt

Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D...

CVE-2016-6909CRITICAL9.8ten sam produkt

Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x bef...

CVE-2023-37937HIGH7.8ten sam produkt

An improper neutralization of special elements used in an os command ('os command injection') in Fortinet Fort...