Platform: fortinet
Component: fortimanager-fortianalyzer
Fixed in: 7.4.4, 7.2.6, 7.0.13, 6.2.14
CVE-2024-36512 describes a path traversal vulnerability discovered in Fortinet FortiManager and FortiAnalyzer. This flaw allows an attacker to potentially execute unauthorized code or commands through specially crafted HTTP or HTTPS requests. The vulnerability affects versions 6.2.10 through 7.4.3 of FortiManager and FortiAnalyzer, and a fix is available in version 7.4.4.
The path traversal vulnerability allows an attacker to bypass security controls and access files or directories outside of the intended scope. Successful exploitation could lead to the execution of arbitrary code on the affected system, potentially granting the attacker full control. This could involve reading sensitive configuration files, modifying system settings, or even installing malware. The blast radius extends to any data stored on the FortiManager or FortiAnalyzer, including network configurations, logs, and user credentials. Given the central role of these devices in network management, a successful attack could have widespread consequences.
CVE-2024-36512 was publicly disclosed on January 14, 2025. The vulnerability's impact is amplified by the critical role FortiManager and FortiAnalyzer play in many network environments. While no public exploits are currently known, the ease of exploitation associated with path traversal vulnerabilities suggests a potential for rapid exploitation if a proof-of-concept is released. The vulnerability has not yet been added to the CISA KEV catalog.
Exploit Status
EPSS: 0.64% (70th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-36512 is to upgrade FortiManager and FortiAnalyzer to version 7.4.4 or later. If immediate upgrading is not possible, consider implementing temporary workarounds such as restricting network access to the management interfaces using a Web Application Firewall (WAF) or proxy server. Configure the WAF to block requests containing suspicious path traversal patterns (e.g., “../”). Regularly review access logs for any unusual activity. After upgrading, verify the fix by attempting to access files outside the intended directory using a crafted HTTP request; access should be denied.
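The log review step above is easier to do consistently with a small script. What follows is an added example, not code from this page or from Fortinet: it parses constructed access-log lines in a common combined-log shape (the real appliance log format is an assumption here), percent-decodes each request target repeatedly so that URL-encoded and double-encoded sequences are reduced to one canonical form, and flags any request whose normalised path contains a `..` segment while leaving file names that merely contain dots alone. Flagged requests that also returned a 2xx status deserve the closest look, because a WAF rule that matches only the literal `../` string would not have stopped the encoded variants.

```python
"""Flag path-traversal attempts in web access logs, after decoding the request target."""
import re
from urllib.parse import unquote

# Constructed sample lines in combined-log shape; hosts, paths and timestamps are made up.
SAMPLE_LOG = """\
10.0.0.5 - - [15/Jan/2025:10:01:12 +0000] "GET /api/report/list HTTP/1.1" 200 512
10.0.0.9 - - [15/Jan/2025:10:01:15 +0000] "GET /static/../../conf/system.cfg HTTP/1.1" 403 0
10.0.0.9 - - [15/Jan/2025:10:01:16 +0000] "GET /static/%2e%2e%2f%2e%2e%2fconf%2fsystem.cfg HTTP/1.1" 403 0
10.0.0.9 - - [15/Jan/2025:10:01:17 +0000] "GET /static/%252e%252e%252fconf%252fsystem.cfg HTTP/1.1" 200 2048
10.0.0.7 - - [15/Jan/2025:10:02:01 +0000] "GET /static/app..min.js?v=3 HTTP/1.1" 200 99
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+"\s+(?P<status>\d{3})')


def normalize_path(target: str, max_rounds: int = 3) -> str:
    """Drop the query string, percent-decode until stable (bounded, so double encoding is
    unwrapped but deeply nested encoding cannot spin forever), and fold backslashes to slashes."""
    path = target.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def is_traversal(target: str) -> bool:
    """True when any segment of the normalised path is exactly '..'.
    Whole-segment matching keeps names like 'app..min.js' from being flagged."""
    return any(seg == ".." for seg in normalize_path(target).split("/"))


def scan_log(text: str) -> list:
    """Return one record per suspicious request, with the decoded path and status code."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = REQUEST_RE.search(line)
        if not m or not is_traversal(m["target"]):
            continue
        hits.append({
            "line": lineno,
            "client": line.split(" ", 1)[0],
            "target": m["target"],
            "decoded": normalize_path(m["target"]),
            "status": int(m["status"]),
        })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        note = "  <-- not blocked, investigate" if hit["status"] < 400 else ""
        print(f'line {hit["line"]}: {hit["client"]} {hit["target"]} -> {hit["decoded"]} [{hit["status"]}]{note}')
```

Run against the constructed sample, lines 2 to 4 are reported and line 4 stands out because the appliance answered 200 to a double-encoded request; the same `normalize_path` logic is what a WAF rule needs to apply before matching, otherwise the rule only sees the encoded string.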
Update FortiManager and FortiAnalyzer to the latest available version. Consult the Fortinet advisory (FG-IR-24-152) for specific information on the fixed versions and the upgrade instructions.
CVE-2024-36512 is a Path Traversal vulnerability affecting Fortinet FortiManager and FortiAnalyzer versions 6.2.10–7.4.3, allowing attackers to potentially execute unauthorized code.
You are affected if you are running FortiManager or FortiAnalyzer versions 6.2.10 through 7.4.3. Check your version and upgrade immediately.
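To decide which appliances need attention, the following added example (not code from this page or from Fortinet) compares a reported version against the fixed releases listed at the top of this page, per release branch, and against the stated affected span 6.2.10 to 7.4.3. The accepted version-string formats and the inventory are constructed assumptions; a branch the page does not list (for example 7.6) or a version below the stated range is reported as unknown rather than guessed at, so the vendor advisory remains the authority for those.

```python
"""Triage FortiManager / FortiAnalyzer versions against the fixed releases this page lists for CVE-2024-36512."""

# Fixed releases as listed on this page, keyed by (major, minor) release branch.
FIXED_BY_BRANCH = {
    (7, 4): (7, 4, 4),
    (7, 2): (7, 2, 6),
    (7, 0): (7, 0, 13),
    (6, 2): (6, 2, 14),
}
# Affected span stated on this page, inclusive at both ends.
AFFECTED_LOW = (6, 2, 10)
AFFECTED_HIGH = (7, 4, 3)


def parse_version(text: str) -> tuple:
    """Turn strings such as '7.4.3', 'v7.4.3' or '7.4.3 (GA)' into a comparable (major, minor, patch) tuple.
    The accepted formats are an assumption; anything else raises instead of guessing."""
    token = text.strip().lstrip("vV").split()[0]
    parts = token.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version_text: str) -> dict:
    """Classify one version as 'fixed', 'affected' or 'unknown' and say what to do about it."""
    v = parse_version(version_text)
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is None:
        # Branch not on this page's fixed-in list: do not guess, defer to the vendor advisory.
        return {"version": v, "status": "unknown",
                "action": "branch not covered by this page's fixed-in list; check the vendor advisory"}
    if v >= fixed:
        return {"version": v, "status": "fixed", "action": "none"}
    if AFFECTED_LOW <= v <= AFFECTED_HIGH:
        target = ".".join(str(n) for n in fixed)
        return {"version": v, "status": "affected", "action": f"upgrade to {target} or later"}
    return {"version": v, "status": "unknown",
            "action": "below the stated affected range; confirm with the vendor advisory"}


def triage(inventory: dict) -> dict:
    """Group hostnames by status so the affected list can go straight into a change ticket."""
    groups = {"affected": [], "fixed": [], "unknown": []}
    for host, version_text in inventory.items():
        groups[assess(version_text)["status"]].append(host)
    return groups


if __name__ == "__main__":
    # Constructed inventory; hostnames and versions are made up for the example.
    inventory = {
        "fmg-hq-01": "7.4.3",
        "fmg-hq-02": "v7.4.4",
        "faz-dc-01": "7.2.5 (GA)",
        "faz-dc-02": "7.0.13",
        "faz-lab-01": "6.2.9",
        "faz-lab-02": "7.6.0",
    }
    groups = triage(inventory)
    for status, hosts in groups.items():
        print(f"{status:9s} {', '.join(hosts) or '-'}")
    for host in groups["affected"]:
        print(f"  {host}: {assess(inventory[host])['action']}")
```

The per-branch comparison matters because a 7.2.x appliance is not made safe by the existence of 7.4.4; it needs its own branch's fix (7.2.6) or a supported upgrade path, which is why the action string names the branch's fixed release rather than the newest one.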
Upgrade to FortiManager/FortiAnalyzer version 7.4.4 or later. As a temporary workaround, restrict network access using a WAF or proxy.
While no public exploits are currently known, the vulnerability's nature suggests a potential for rapid exploitation if a proof-of-concept is released.
Refer to the official Fortinet security advisory for detailed information and mitigation steps: https://fortinet.com/security/advisory/psirt24-002