CVE-2024-48886

CVE-2024-48886 is a weak authentication vulnerability present in several Fortinet products, including FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, and 6.4.0 through 6.4.15; FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, and 2.0.0 through 2.0.14; FortiManager versions 7.6.0 through 7.6.1 and 7.4.1 through 7.4.3; FortiManager Cloud versions 7.4.1 through 7.4.3; and FortiAnalyzer Cloud versions 7.4.1 through 7.4.3. The flaw, associated with CWE-1390 and NVD-CWE-Other, enables attackers to execute unauthorized code or commands through a brute-force attack. It carries a CVSS v3.1 base score of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).

A remote, unauthenticated attacker can exploit this vulnerability over the network by performing a brute-force attack, which requires high attack complexity but no user interaction. Successful exploitation grants the attacker the ability to execute arbitrary code or commands on the affected system, potentially leading to full compromise given the high impacts on confidentiality, integrity, availability, and changed scope.

Mitigation details and patches are outlined in the Fortinet PSIRT advisory available at https://fortiguard.fortinet.com/psirt/FG-IR-24-221. Security practitioners should consult this reference for version-specific remediation guidance.