Fortinet Patches Critical Vulnerability in FortiSwitch GUI
Fortinet has released security updates for its FortiSwitch Ethernet switches in response to an unverified password change vulnerability in the FortiSwitch GUI. We have added a new report to Lansweeper that lists FortiSwitch devices and their firmware versions so you can find the ones still in need of an update.
FortiSwitch Vulnerability CVE-2024-48887
The vulnerability, tracked as CVE-2024-48887, is an unverified password change vulnerability in the FortiSwitch GUI and carries a critical CVSS score of 9.3. A remote, unauthenticated attacker who can reach the web management interface can change administrator passwords by sending a specially crafted request, which hands them full administrative control of the switch and, from there, the traffic and systems behind it. Because no credentials are needed, any FortiSwitch whose GUI is reachable from an untrusted network should be treated as exposed until it is patched. You can find all the details in Fortinet's advisory.
Update Vulnerable Fortinet Installations
Fortinet has released fixed builds for every affected FortiSwitch branch. Upgrade vulnerable devices to the fixed version for their branch (or later) as soon as possible; the affected ranges and the minimum fixed version are listed below.
| Product branch | Affected versions | Solution |
|---|---|---|
| FortiSwitch 7.6 | 7.6.0 | Upgrade to 7.6.1 or above |
| FortiSwitch 7.4 | 7.4.0 through 7.4.4 | Upgrade to 7.4.5 or above |
| FortiSwitch 7.2 | 7.2.0 through 7.2.8 | Upgrade to 7.2.9 or above |
| FortiSwitch 7.0 | 7.0.0 through 7.0.10 | Upgrade to 7.0.11 or above |
| FortiSwitch 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
If you cannot upgrade immediately, Fortinet's advisory offers a workaround: disable HTTP and HTTPS access on the administrative interfaces and restrict management access to trusted hosts only. Note that disabling HTTP/HTTPS removes the web GUI entirely, so you will need to manage the switch over SSH or the console until it is patched; the workaround reduces exposure but is not a substitute for the update. You can find detailed instructions in the advisory.
Discover Vulnerable Fortinet Installs
Our team has added a new report to Lansweeper to help you locate vulnerable FortiSwitches in your network. The report lists your Fortinet devices together with their firmware versions, so you can compare each one against the affected ranges above and confirm that every switch is on a fixed build. You can get the report via the link below.
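To turn the version table and an inventory export into a vulnerable-or-not answer, here is an added example (not Lansweeper's report or Fortinet's code) that encodes the affected ranges from the table above and checks firmware version strings against them. The inventory list, the hostnames and the `,buildNNNN` suffix handling are constructed assumptions for illustration; adapt the parser to whatever format your inventory tool reports.

```python
"""Check FortiSwitch firmware versions against the CVE-2024-48887 affected ranges.

Added example, not code from Fortinet or Lansweeper. The ranges below are taken
from the advisory table above; everything else (sample inventory, version string
format) is assumed for illustration.
"""
from typing import Dict, List, NamedTuple, Optional, Tuple

Version = Tuple[int, int, int]


class Branch(NamedTuple):
    first_affected: Version
    last_affected: Version
    fixed: str


# Affected ranges and minimum fixed release per branch, from the advisory table.
AFFECTED: Dict[Tuple[int, int], Branch] = {
    (7, 6): Branch((7, 6, 0), (7, 6, 0), "7.6.1"),
    (7, 4): Branch((7, 4, 0), (7, 4, 4), "7.4.5"),
    (7, 2): Branch((7, 2, 0), (7, 2, 8), "7.2.9"),
    (7, 0): Branch((7, 0, 0), (7, 0, 10), "7.0.11"),
    (6, 4): Branch((6, 4, 0), (6, 4, 14), "6.4.15"),
}


def parse_version(raw: str) -> Version:
    """Parse '7.4.3', 'v7.4.3' or 'v7.4.3,build0832' into (7, 4, 3).

    The 'v' prefix and ',buildNNNN' suffix are assumed formats; anything that does
    not reduce to three numeric fields is rejected rather than guessed at.
    """
    ver = raw.strip().lower().split(",")[0]  # drop an assumed ',build...' suffix
    if ver.startswith("v"):
        ver = ver[1:]
    parts = ver.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiSwitch version string: {raw!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def check_version(raw: str) -> Dict[str, Optional[object]]:
    """Classify one firmware version.

    'vulnerable' is True/False for branches in the table, and None for branches the
    advisory table does not list (e.g. 6.2 and older), which must be verified manually.
    'fixed_in' is the minimum fixed version when the device is vulnerable.
    """
    v = parse_version(raw)
    branch = AFFECTED.get((v[0], v[1]))
    if branch is None:
        return {"version": raw, "vulnerable": None, "fixed_in": None}
    vulnerable = branch.first_affected <= v <= branch.last_affected
    return {
        "version": raw,
        "vulnerable": vulnerable,
        "fixed_in": branch.fixed if vulnerable else None,
    }


def vulnerable_devices(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Return (hostname, version, fixed_in) for every device still in an affected range."""
    hits = []
    for host, ver in inventory:
        result = check_version(ver)
        if result["vulnerable"]:
            hits.append((host, ver, str(result["fixed_in"])))
    return hits


# Constructed sample inventory (hostnames and versions invented for this example).
SAMPLE_INVENTORY: List[Tuple[str, str]] = [
    ("fsw-core-01", "v7.4.3,build0832"),   # affected, needs 7.4.5
    ("fsw-core-02", "v7.4.5,build0850"),   # already fixed
    ("fsw-access-11", "7.0.10"),           # last affected build on the 7.0 branch
    ("fsw-access-12", "7.6.0"),            # the only affected 7.6 build
    ("fsw-legacy-01", "6.2.7"),            # not in the table: verify manually
]

if __name__ == "__main__":
    for host, ver, fixed in vulnerable_devices(SAMPLE_INVENTORY):
        print(f"{host}: {ver} is affected by CVE-2024-48887, upgrade to {fixed} or above")
    for host, ver in SAMPLE_INVENTORY:
        if check_version(ver)["vulnerable"] is None:
            print(f"{host}: {ver} is on a branch not covered by the advisory table, check manually")
```

The comparison is done on integer tuples rather than strings so that 7.0.10 sorts after 7.0.9 (a plain string compare would put it before). Devices on branches the advisory table does not mention are reported as unknown rather than silently treated as safe.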