Tag Archives: FortiJump

About Remote Code Execution – FortiManager “FortiJump” (CVE-2024-47575) vulnerability

About Remote Code Execution - FortiManager FortiJump (CVE-2024-47575) vulnerability

About Remote Code Execution – FortiManager “FortiJump” (CVE-2024-47575) vulnerability. FortiManager is a centralized solution for configuring, enforcing policies, updating, and monitoring Fortinet network devices.

🔻 The vulnerability was released on October 23. A missing authentication for critical function in the FortiManager fgfmd (FortiGate-to-FortiManager) daemon allows remote attacker to execute arbitrary code or commands via specially crafted requests. There were signs of exploitation in the wild and the vulnerability was added to the CISA KEV.

🔻 On November 15, WatchTowr Labs published a post about this “FortiJump” vulnerability with a video demo and a link to the PoC. The researchers noted that the IOCs in the Fortinet bulletin can be bypassed. And the patch itself is incomplete. It is possible to escalate privileges on a patched device by exploiting a vulnerability called “FortiJump Higher”.

На русском