Security

Alert: Critical Vulnerability in FortiSwitch Devices Enables Remote Password Changes

tuffbrownboy

Overview of the Security Breach

Fortinet has urgently patched a critical vulnerability in their FortiSwitch devices, which posed a risk by allowing remote attackers to modify administrator passwords without authorization.

Discovery of the Flaw

The security flaw, identified as CVE-2024-48887, was discovered internally by Daniel Rozeboom, a member of the FortiSwitch web UI development team.

Impact and Severity

This severe security vulnerability was scored 9.8 out of 10, indicating a critical risk level. It allows unauthenticated attackers to execute low-complexity attacks without user interaction, using a specially crafted request sent to the set_password endpoint.

Patched Versions and Affected Devices

Fortinet has released patches for impacted versions ranging from FortiSwitch 6.4.0 to 7.6.0. Here’s a summary of affected versions and their respective updates:

  • FortiSwitch 7.6.0 – Update to 7.6.1 or later
  • FortiSwitch 7.4.0 through 7.4.4 – Update to 7.4.5 or later
  • FortiSwitch 7.2.0 through 7.2.8 – Update to 7.2.9 or later
  • FortiSwitch 7.0.0 through 7.0.10 – Update to 7.0.11 or later
  • FortiSwitch 6.4.0 through 6.4.14 – Update to 6.4.15 or later

Temporary Workarounds

For users unable to immediately apply the patches, Fortinet suggests disabling ‘HTTP/HTTPS Access’ from administrative interfaces and restricting access to the vulnerable FortiSwitch devices to trusted hosts only.

Other Fortinet Vulnerabilities and Patches

Alongside CVE-2024-48887, Fortinet patched additional vulnerabilities on Tuesday, including an OS command injection in FortiIsolator (CVE-2024-54024) and other flaws affecting multiple products like FortiOS and FortiProxy which could facilitate man-in-the-middle attacks.

It’s crucial for administrators and cybersecurity professionals to stay vigilant and ensure all Fortinet devices are updated to prevent unauthorized access and potential breaches.

Explore more about how these vulnerabilities were exploited in the wild and learn effective strategies to protect against such high-stakes security threats.

Related: Windows Active Directory Domain Vulnerability Let Attackers Escalate Privileges

Last Updated: April 9, 2025

Post Views: 31

Related Posts