Critical Fortinet Vulnerability (CVE-2024-48887) Puts FortiSwitch Admin Credentials at Risk
Fortinet has disclosed a critical vulnerability (CVE-2024-48887) in FortiSwitch that allows unauthenticated attackers to modify admin passwords remotely. With a CVSS score of 9.3, the flaw affects multiple versions of FortiSwitch and poses a significant security risk. Fortinet has released patches and recommends immediate upgrades, along with additional security measures such as disabling HTTP/HTTPS access on administrative interfaces.

Alongside this, Fortinet addressed other vulnerabilities across its product line, including FortiAnalyzer, FortiManager, and FortiOS. These issues range from inadequately secured credentials to man-in-the-middle vulnerabilities. While no active exploitation has been reported, the potential impact is substantial given the critical nature of the vulnerabilities and Fortinet's history of exploited flaws.