3 min read
By: RedLegg's Cyber Threat Intelligence Team
About:
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats we classify as the highest severity level and warrant out-of-band emergency patching or mitigation action.
VULNERABILITIES
Authentication Bypass Vulnerability in FortiOS and FortiProxy
CVSS Score: 8.1 (High)
Identifier: CVE-2025-24472
Exploit or POC: Yes, there is an exploitation of the vulnerability.
Update: CVE-2025-24472 – Fortinet Security Advisory
Description: CVE-2025-24472 is an Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy. This flaw may allow a remote attacker to gain super-admin privileges via crafted requests to the Node.js websocket module or via crafted CSF proxy requests. Successful exploitation could lead to full administrative control over affected systems, posing a severe risk to confidentiality, integrity, and availability.
Mitigation Recommendation: Patching is currently the only method of mitigation. Affected versions include FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19. Users should update to the latest software versions as listed in the Fortinet Security Advisory. Immediate patching is strongly recommended to protect systems from potential exploitation.
