Threat Intelligence
Fortinet is aware that CVE-2024-55591 has been exploited in the wild.
February 12 – UPDATED THREAT INTELLIGENCE
Fortinet is aware that CVE-2024-55591 was exploited in the wild in January 2025, but is no longer being exploited.
Systems Affected
- FortiManager 6.2 all versions
- FortiManager 6.2.2 through 6.2.13
- FortiManager 6.4 all versions
- FortiManager 7.0 all versions
- FortiManager 7.2.0 through 7.2.9
- FortiManager 7.4.0 through 7.4.5
- FortiManager 7.6.0 through 7.6.1
- FortiManager Cloud 6.4 all versions
- FortiManager Cloud 7.0 all versions
- FortiManager Cloud 7.2.1 through 7.2.8
- FortiManager Cloud 7.4.1 through 7.4.5
- FortiOS 6.2 all versions
- FortiOS 6.4 all versions
- FortiOS 7.0.0 through 7.0.16
- FortiOS 7.2.0 through 7.2.9
- FortiOS 7.2.4 through 7.2.8
- FortiOS 7.4.0 through 7.4.4
- FortiOS 7.6.0
- FortiProxy 1.2 all versions
- FortiProxy 2.0 all versions
- FortiProxy 7.0.0 through 7.0.19
- FortiProxy 7.2.0 through 7.2.12
- FortiProxy version 7.4.0
- FortiAnalyzer 6.2.0 through 6.2.11
- FortiAnalyzer 6.2.2 through 6.2.13
- FortiAnalyzer 6.4 all versions
- FortiAnalyzer 7.0 all versions
- FortiAnalyzer 7.2.0 through 7.2.7
- FortiAnalyzer 7.4.0 through 7.4.4
- FortiAnalyzer 7.6.0
- FortiAnalyzer Cloud 6.4 all versions
- FortiAnalyzer Cloud 7.0 all versions
- FortiAnalyzer Cloud 7.2.1 through 7.2.5
- FortiAnalyzer Cloud 7.4.1 through 7.4.3
- FortiAnalyzer-BigData 6.2 all versions
- FortiAnalyzer-BigData 6.4 all versions
- FortiAnalyzer-BigData 7.0 all versions
- FortiAnalyzer-BigData 7.2.0 through 7.2.7
- FortiAnalyzer-BigData 7.4.0
- FortiSandbox 3.0 all versions
- FortiSandbox 3.1 all versions
- FortiSandbox 3.2 all versions
- FortiSandbox 4.0.0 through 4.0.4
- FortiSandbox 4.2.0 through 4.2.6
- FortiSandbox 4.4.0 through 4.4.4
- FortiSwitchManager version 7.0.0 through 7.0.2
- FortiSwitchManager version 7.2.0 through 7.2.2
- FortiPAM 1.0 all versions
- FortiPAM version 1.1.0 through 1.1.2
Risk
Government:
- Large and medium government entities: High
- Small government entities: Medium
Businesses:
- Large and medium business entities: High
- Small business entities: Medium
Home Users: Low
Recommendations
- Apply appropriate updates provided by Fortinet to vulnerable systems immediately after appropriate testing.
- Apply the Principle of Least Privilege to all systems and services. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Use vulnerability scanning to find potentially exploitable software vulnerabilities and remediate them.
- Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed from the internal network. Configure separate virtual private cloud (VPC) instances to isolate critical cloud systems.
- Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.
Fortinet:
https://www.fortiguard.com/psirt/FG-IR-24-063
https://www.fortiguard.com/psirt/FG-IR-24-094
https://www.fortiguard.com/psirt/FG-IR-24-147
https://www.fortiguard.com/psirt/FG-IR-24-160
https://www.fortiguard.com/psirt/FG-IR-24-220
https://www.fortiguard.com/psirt/FG-IR-23-261
https://www.fortiguard.com/psirt/FG-IR-24-302
https://www.fortiguard.com/psirt/FG-IR-24-311
https://www.fortiguard.com/psirt/FG-IR-24-422
https://www.fortiguard.com/psirt/FG-IR-24-535
Reporting
The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at www.cyber.nj.gov/report.
