cnvd - cnvd-2025-03520

cnvd-2025-03520

Vulnerability from cnvd

Title

Fortinet FortiOS权限提升漏洞

Description

FortiOS是Fortinet公司开发的核心网络安全操作系统，广泛应用于FortiGate下一代防火墙，为用户提供防火墙、VPN、入侵防御、应用控制等多种安全功能。 Fortinet FortiOS存在权限提升漏洞。该漏洞是由于受影响版本的权限分配机制存在缺陷。攻击者可以利用该漏洞将权限提升为超级管理员。

Severity

高

Patch Name

Fortinet FortiOS权限提升漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新: https://fortiguard.fortinet.com/psirt/FG-IR-24-302

Reference

https://nvd.nist.gov/vuln/detail/CVE-2024-40591

Impacted products

Name
['Fortinet FortiOS 7.6.0', 'Fortinet FortiOS >=7.4.0，<=7.4.4', 'Fortinet FortiOS >=7.2.0，<=7.2.9', 'Fortinet FortiOS <=7.0.15']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-40591",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-40591"
    }
  },
  "description": "FortiOS\u662fFortinet\u516c\u53f8\u5f00\u53d1\u7684\u6838\u5fc3\u7f51\u7edc\u5b89\u5168\u64cd\u4f5c\u7cfb\u7edf\uff0c\u5e7f\u6cdb\u5e94\u7528\u4e8eFortiGate\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\uff0c\u4e3a\u7528\u6237\u63d0\u4f9b\u9632\u706b\u5899\u3001VPN\u3001\u5165\u4fb5\u9632\u5fa1\u3001\u5e94\u7528\u63a7\u5236\u7b49\u591a\u79cd\u5b89\u5168\u529f\u80fd\u3002\n\nFortinet FortiOS\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u7684\u6743\u9650\u5206\u914d\u673a\u5236\u5b58\u5728\u7f3a\u9677\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u6743\u9650\u63d0\u5347\u4e3a\u8d85\u7ea7\u7ba1\u7406\u5458\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0:\r\nhttps://fortiguard.fortinet.com/psirt/FG-IR-24-302",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-03520",
  "openTime": "2025-02-24",
  "patchDescription": "FortiOS\u662fFortinet\u516c\u53f8\u5f00\u53d1\u7684\u6838\u5fc3\u7f51\u7edc\u5b89\u5168\u64cd\u4f5c\u7cfb\u7edf\uff0c\u5e7f\u6cdb\u5e94\u7528\u4e8eFortiGate\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\uff0c\u4e3a\u7528\u6237\u63d0\u4f9b\u9632\u706b\u5899\u3001VPN\u3001\u5165\u4fb5\u9632\u5fa1\u3001\u5e94\u7528\u63a7\u5236\u7b49\u591a\u79cd\u5b89\u5168\u529f\u80fd\u3002\r\n\r\nFortinet FortiOS\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u7684\u6743\u9650\u5206\u914d\u673a\u5236\u5b58\u5728\u7f3a\u9677\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u6743\u9650\u63d0\u5347\u4e3a\u8d85\u7ea7\u7ba1\u7406\u5458\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Fortinet FortiOS\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Fortinet FortiOS 7.6.0",
      "Fortinet FortiOS \u003e=7.4.0\uff0c\u003c=7.4.4",
      "Fortinet FortiOS \u003e=7.2.0\uff0c\u003c=7.2.9",
      "Fortinet FortiOS \u003c=7.0.15"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-40591",
  "serverity": "\u9ad8",
  "submitTime": "2025-02-14",
  "title": "Fortinet FortiOS\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2024-40591 (GCVE-0-2024-40591)

Vulnerability from cvelistv5

Published

2025-02-11 16:09

Modified

2025-02-14 04:55

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RC:R

CWE

CWE-266 - Escalation of privilege

Summary

An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the targetted FortiGate to a malicious upstream FortiGate they control.

References

URL

Tags

https://fortiguard.fortinet.com/psirt/FG-IR-24-302