CVE-2024-55591 is a FortiOS/FortiProxy authentication bypass exploited in the wild to create super-admin accounts and compromise firewall configurations. Upgrade to FortiOS 7.0.17+ immediately. Disable HTTP/HTTPS admin access from the internet as a compensating control. Review admin accounts for unauthorized additions.
The FortiOS and FortiProxy authentication bypass vulnerability allows unauthenticated attackers to gain super-admin privileges via WebSocket.
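One way to run the admin-account review and the HTTP/HTTPS admin-access check described above against a configuration backup, as an added example that is not part of the original advisory or any Fortinet tooling. The sample backup, the account names, the approved-admin list and the choice of `wan1` as the internet-facing interface are constructed assumptions.

```python
import re
# Constructed sample of a FortiOS configuration backup (not from a real device).
SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set allowaccess ping https ssh
    next
    edit "internal"
        set allowaccess ping https ssh http
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
    edit "Qx7fT2"
        set accprofile "super_admin"
    next
end
"""

def parse_section(config, section):
    """Return {entry: {setting: [values]}} for one top-level 'config <section>' block."""
    entries, current, inside, depth = {}, None, False, 0
    for line in map(str.strip, config.splitlines()):
        if not inside:
            inside = line == f"config {section}"
        elif line.startswith("config "):
            depth += 1  # nested table inside an entry: skip its contents
        elif line == "end":
            if depth == 0:
                break  # end of the section we were asked for
            depth -= 1
        elif depth == 0 and line.startswith("edit "):
            current = entries.setdefault(line[5:].strip('"'), {})
        elif depth == 0 and line.startswith("set ") and current is not None:
            key, _, value = line[4:].partition(" ")
            current[key] = [v.strip('"') for v in re.findall(r'"[^"]*"|\S+', value)]
    return entries

def audit(config, approved_admins, internet_facing):
    """Flag admin accounts outside the approved list and web admin access on WAN interfaces."""
    findings = [("unapproved-admin", name, cfg.get("accprofile", ["?"])[0])
                for name, cfg in parse_section(config, "system admin").items()
                if name not in approved_admins]
    for name, cfg in parse_section(config, "system interface").items():
        exposed = sorted({"http", "https"} & set(cfg.get("allowaccess", [])))
        if name in internet_facing and exposed:
            findings.append(("web-admin-exposed", name, ",".join(exposed)))
    return findings
```

Calling `audit(SAMPLE_CONFIG, {"admin"}, {"wan1"})` reports the unapproved `Qx7fT2` super-admin and HTTPS admin access on `wan1`; the approved list has to come from a record kept outside the device.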