Fortinet Warns of FortiSwitch Vulnerability Let Attackers Modify Admin Passwords
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Fortinet has issued a critical advisory regarding a newly discovered vulnerability in its FortiSwitch product line.
The vulnerability, identified as an unverified password change vulnerability (CWE-620), could allow remote, unauthenticated attackers to modify administrative passwords via specially crafted requests.
This vulnerability poses significant risks to organizations relying on FortiSwitch for secure network management.
FortiSwitch Vulnerability
The vulnerability affects FortiSwitch’s graphical user interface (GUI) and allows attackers to bypass authentication mechanisms.
This issue is particularly concerning because it does not require prior authentication, making it easier for malicious actors to exploit.
Fortinet has acknowledged the vulnerability and released patches for affected versions. The company has also provided detailed guidance on mitigating risks for organizations that cannot immediately update their systems.
The following versions of FortiSwitch are impacted:
Version Affected Builds Solution FortiSwitch 7.67.6.0Upgrade to 7.6.1 or aboveFortiSwitch 7.47.4.0 through 7.4.4Upgrade to 7.4.5 or aboveFortiSwitch 7.27.2.0 through 7.2.8Upgrade to 7.2.9 or aboveFortiSwitch 7.07.0.0 through 7.0.10Upgrade to 7.0.11 or aboveFortiSwitch 6.46.4.0 through 6.4.14Upgrade to 6.4.15 or above
Fortinet strongly advises users to apply these updates immediately to prevent potential exploitation.
Workarounds for Mitigation
For organizations unable to immediately upgrade their systems, Fortinet has suggested the following workarounds:
config system admin edit set {trusthost1 | trusthost2 | trusthost3} next end
These measures can help reduce the attack surface until a permanent fix is applied.
Daniel Rozeboom, a member of the FortiSwitch web UI development team, internally discovered and reported the vulnerability. This highlights Fortinet’s proactive approach to identifying and addressing security issues within its products.
The advisory was officially published on April 8, 2025, and users are encouraged to act promptly to secure their systems against potential exploitation.
This vulnerability underscores the importance of regular patch management and proactive security measures in safeguarding critical infrastructure against emerging threats.
Organizations using FortiSwitch should prioritize applying the recommended updates or implementing workarounds to mitigate risks.
In light of this discovery, cybersecurity experts emphasize the need for robust monitoring and incident response capabilities to detect and respond swiftly to unauthorized access attempts.
Fortinet’s swift response in addressing this issue reflects its commitment to protecting its customers from evolving cyber threats while reinforcing the importance of maintaining up-to-date systems in today’s dynamic threat landscape.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news
Оригинальная версия на сайте:
Fortinet Warns of FortiSwitch Vulnerability Let Attackers Modify Admin Passwords
Author: Guru BaranFortinet has issued a critical advisory regarding a newly discovered vulnerability in its FortiSwitch product line.
The vulnerability, identified as an unverified password change vulnerability (CWE-620), could allow remote, unauthenticated attackers to modify administrative passwords via specially crafted requests.
This vulnerability poses significant risks to organizations relying on FortiSwitch for secure network management.
FortiSwitch Vulnerability
The vulnerability affects FortiSwitch’s graphical user interface (GUI) and allows attackers to bypass authentication mechanisms.
This issue is particularly concerning because it does not require prior authentication, making it easier for malicious actors to exploit.
Fortinet has acknowledged the vulnerability and released patches for affected versions. The company has also provided detailed guidance on mitigating risks for organizations that cannot immediately update their systems.
The following versions of FortiSwitch are impacted:
Version Affected Builds Solution FortiSwitch 7.67.6.0Upgrade to 7.6.1 or aboveFortiSwitch 7.47.4.0 through 7.4.4Upgrade to 7.4.5 or aboveFortiSwitch 7.27.2.0 through 7.2.8Upgrade to 7.2.9 or aboveFortiSwitch 7.07.0.0 through 7.0.10Upgrade to 7.0.11 or aboveFortiSwitch 6.46.4.0 through 6.4.14Upgrade to 6.4.15 or above
Fortinet strongly advises users to apply these updates immediately to prevent potential exploitation.
Workarounds for Mitigation
For organizations unable to immediately upgrade their systems, Fortinet has suggested the following workarounds:
- Disable HTTP/HTTPS Access : Restrict access to administrative interfaces by disabling HTTP/HTTPS services.
- Configure Trusted Hosts : Limit connections to trusted hosts only by using the following commands:
config system admin edit set {trusthost1 | trusthost2 | trusthost3} next end
These measures can help reduce the attack surface until a permanent fix is applied.
Daniel Rozeboom, a member of the FortiSwitch web UI development team, internally discovered and reported the vulnerability. This highlights Fortinet’s proactive approach to identifying and addressing security issues within its products.
The advisory was officially published on April 8, 2025, and users are encouraged to act promptly to secure their systems against potential exploitation.
This vulnerability underscores the importance of regular patch management and proactive security measures in safeguarding critical infrastructure against emerging threats.
Organizations using FortiSwitch should prioritize applying the recommended updates or implementing workarounds to mitigate risks.
In light of this discovery, cybersecurity experts emphasize the need for robust monitoring and incident response capabilities to detect and respond swiftly to unauthorized access attempts.
Fortinet’s swift response in addressing this issue reflects its commitment to protecting its customers from evolving cyber threats while reinforcing the importance of maintaining up-to-date systems in today’s dynamic threat landscape.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news
Оригинальная версия на сайте:
