Fortinet Urges Immediate Patching to Combat Zero-Day Firewall Vulnerability

Fortinet, a leading cybersecurity firm, has issued a critical security advisory urging users to apply a patch to address a zero-day vulnerability affecting its FortiGate firewalls. Tracked as CVE-2024-55591, the flaw allows malicious actors to exploit an authentication bypass vulnerability in FortiOS versions 7.0.0 through 7.0.16 and FortiProxy versions 7.0.0 through 7.0.19, and 7.2.0 through 7.2.12, potentially granting them super-admin privileges.

Incidents of exploitation have been reported in the wild, prompting Fortinet to release the patch promptly. Despite the patch release, cybersecurity researchers have observed widespread exploitation of the vulnerability even before the fix was available. While exact numbers of affected endpoints remain unknown, it is suspected that ransomware operators are among the threat actors leveraging the vulnerability to breach networks.

As a response to the escalating threat, the US Cybersecurity and Infrastructure Security Agency (CISA) has included this FortiGate vulnerability in its catalog of exploited flaws, emphasizing the urgency for federal agencies to patch their systems by February 4, 2025, or discontinue the use of FortiGate products. These developments underscore the critical need for organizations to prioritize cybersecurity measures and promptly apply available patches to mitigate the risk of cyberattacks.