Ethical Hacking News
A critical vulnerability in Fortinet's FortiSwitch devices allows unauthenticated remote attackers to change administrator passwords through the web management GUI. Patches are available, and organizations running affected firmware should upgrade now, or at minimum take the web admin interface off untrusted networks until they can.
Fortinet has addressed a critical vulnerability in its FortiSwitch devices, CVE-2024-48887 (CVSS score 9.8 as scored by NVD; Fortinet's own advisory, FG-IR-24-435, rates it 9.3), that can be exploited by remote attackers to change administrator passwords. The flaw is an unverified password change mechanism in the FortiSwitch GUI: a remote, unauthenticated attacker can set a new admin password with a specially crafted request, without knowing the current one. Fortinet has released fixed firmware, and advises administrators who cannot patch immediately to disable HTTP/HTTPS administrative access and restrict management access to trusted hosts. The incident is a reminder that management interfaces of network devices need to be segmented from untrusted networks and patched promptly, since no amount of password hygiene protects against a server-side check that is simply missing.
Fortinet, a leading provider of network security solutions, has recently addressed a critical vulnerability in its FortiSwitch devices that can be exploited by remote attackers to change administrator passwords. The vulnerability is tracked as CVE-2024-48887 (CVSS score 9.8 per NVD; Fortinet's advisory FG-IR-24-435 scores it 9.3). It was not found by outside researchers: it was discovered internally and reported by Daniel Rozeboom of the FortiSwitch web UI development team.
The vulnerability is attributed to an unverified password change mechanism in the FortiSwitch GUI, which may allow a remote unauthenticated attacker to modify admin passwords via a specially crafted request. In plain terms, the password-change handler does not verify that the caller is entitled to change the password (neither an authenticated session nor the current password is required), so an attacker who can reach the web interface can set the admin password to a value of their choosing and then log in as a full administrator.
The impact is significant because no credentials or prior foothold are needed: anyone who can send HTTP or HTTPS requests to the switch's management interface can take it over. The change itself is not invisible, however. The legitimate administrator will find the old password no longer works, so an unexpected lockout from a FortiSwitch, or an admin password change event in its logs that nobody on the team made, should be treated as a sign of compromise and investigated, not just reset.
Fortinet has released security updates to address this critical vulnerability, which are available for download on the company's website. The affected and fixed releases listed in Fortinet's advisory are FortiSwitch 7.6.0 (fixed in 7.6.1), 7.4.0 through 7.4.4 (fixed in 7.4.5), 7.2.0 through 7.2.8 (fixed in 7.2.9), 7.0.0 through 7.0.10 (fixed in 7.0.11) and 6.4.0 through 6.4.14 (fixed in 6.4.15); older branches are out of support and should not be assumed safe. In the meantime, the company advises administrators to disable HTTP/HTTPS administrative access and limit FortiSwitch management access to trusted hosts as a temporary workaround for unpatched systems. Because the flaw sits in the web GUI, keeping SSH or console access for management while the web interface is disabled is a reasonable interim posture.
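The following is an added example, not code from Fortinet or from the original article. It turns the version list above into a small triage script: it parses the version string a FortiSwitch prints in `get system status`, classifies each device as vulnerable, fixed or not covered by the advisory, and emits the two interim mitigations as CLI lines. The inventory is constructed sample data, and the CLI syntax (`allowaccess` on the management interface, `trusthost1` on the admin account) is an assumption based on FortiSwitchOS conventions, so check it against the CLI reference for your release before pasting it into a production switch.

```python
"""Triage helper for CVE-2024-48887 (FortiSwitch unverified password change).

Added example, not Fortinet tooling. The affected/fixed ranges are the ones
Fortinet published for this CVE. The inventory below is constructed sample
data, and the workaround CLI syntax is an assumption to be verified against
the FortiSwitchOS CLI reference for your release.
"""
import re

# Branch -> (last affected patch level, first fixed release).
# Every patch level from .0 up to and including the last affected one is
# vulnerable; the first fixed release is what to upgrade to.
AFFECTED = {
    (7, 6): (0, "7.6.1"),
    (7, 4): (4, "7.4.5"),
    (7, 2): (8, "7.2.9"),
    (7, 0): (10, "7.0.11"),
    (6, 4): (14, "6.4.15"),
}

# Matches "7.4.3" or "v7.4.3" inside a longer status line.
VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(status_line):
    """Extract (major, minor, patch) from a 'get system status' Version line.

    Returns None when no x.y.z triple is present, so callers can report
    unparsable inventory rows instead of silently skipping them.
    """
    m = VERSION_RE.search(status_line)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def assess(version):
    """Classify a FortiSwitchOS version against the CVE-2024-48887 ranges.

    Returns (state, fixed_in). state is 'vulnerable', 'fixed' or 'unlisted'.
    'unlisted' means the branch is not in the advisory (e.g. 6.2 and older);
    those branches are out of support, so treat them as needing replacement
    rather than as safe.
    """
    major, minor, patch = version
    branch = AFFECTED.get((major, minor))
    if branch is None:
        return ("unlisted", None)
    last_bad, fixed_in = branch
    if patch <= last_bad:
        return ("vulnerable", fixed_in)
    return ("fixed", fixed_in)


def workaround_cli(admin_name="admin", trusted_net="10.20.30.0 255.255.255.0",
                   mgmt_iface="mgmt"):
    """Return the advisory's two interim mitigations as CLI lines.

    Syntax is ASSUMED (FortiSwitchOS 'allowaccess' / 'trusthost1') and the
    defaults are placeholders. Note that 'set allowaccess' replaces the whole
    service list, so any service you still need (snmp, ping) must be restated.
    """
    return [
        "config system interface",
        f"    edit {mgmt_iface}",
        "        set allowaccess ping ssh",   # http and https deliberately absent
        "    next",
        "end",
        "config system admin",
        f"    edit {admin_name}",
        f"        set trusthost1 {trusted_net}",
        "    next",
        "end",
    ]


# Constructed sample inventory: hostname -> Version line from 'get system status'.
# Model names and build numbers are made up for illustration.
SAMPLE_INVENTORY = {
    "core-sw-01": "Version: FortiSwitch-124F v7.4.3,build0000,000000 (GA)",
    "core-sw-02": "Version: FortiSwitch-124F v7.4.5,build0000,000000 (GA)",
    "edge-sw-17": "Version: FortiSwitch-108E v6.4.14,build0000,000000 (GA)",
    "lab-sw-99": "Version: FortiSwitch-248D v6.2.7,build0000,000000 (GA)",
    "broken-row": "Version: (unreachable)",
}


def triage(inventory):
    """Map hostname -> (state, fixed_in); rows without a version get 'unparsed'."""
    report = {}
    for host, line in inventory.items():
        version = parse_version(line)
        report[host] = ("unparsed", None) if version is None else assess(version)
    return report


if __name__ == "__main__":
    for host, (state, fixed_in) in sorted(triage(SAMPLE_INVENTORY).items()):
        action = f"upgrade to {fixed_in}" if state == "vulnerable" else ""
        print(f"{host:12} {state:10} {action}")
    print()
    print("\n".join(workaround_cli()))
```

Run against a real inventory by replacing `SAMPLE_INVENTORY` with the Version lines collected from your switches; anything reported as `vulnerable` should get the workaround applied today and the listed upgrade scheduled, and anything `unlisted` or `unparsed` needs a human to look at it.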
It is essential for administrators of FortiSwitch devices to take immediate action to patch this vulnerability and ensure the security of their network. It is worth being clear about what kind of bug this is: it is not a weak or stale password problem. The server-side check that should verify the caller before changing a password is missing, so a long, recently rotated admin password offers no protection at all. The only defenses are the fix itself and keeping untrusted networks away from the web GUI.
Network edge and management-plane devices are attractive targets precisely because one request to an exposed management interface can hand an attacker control of the infrastructure behind it, and public advisories for such flaws tend to be followed quickly by scanning and exploitation attempts. A switch whose web GUI is reachable from user VLANs, guest networks or the internet is exposed to exactly that.
Beyond this one patch, the incident underscores the value of management-plane hygiene: administrative interfaces on a dedicated, access-controlled management network, trusted-host restrictions on admin accounts, a patch process that can act on a critical advisory within days, and monitoring that alerts on admin account and password changes so that an unauthorized one is noticed before the attacker has finished using it.
In conclusion, the critical vulnerability in FortiSwitch devices is a significant security threat that requires immediate attention from administrators. Fixed firmware is available from Fortinet, and until it is installed, disabling HTTP/HTTPS administrative access and restricting management access to trusted hosts removes the attacker's path to the vulnerable GUI.
Related Information:
https://www.ethicalhackingnews.com/articles/Critical-Fortinet-FortiSwitch-Vulnerability-Allows-Remote-Attackers-to-Change-Admin-Passwords-ehn.shtml
https://securityaffairs.com/176380/security/fortinet-fortiswitch-flaw.html
Published: Wed Apr 9 16:34:45 2025 by llama3.2 3B Q4_K_M