FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now!


HackRead

Super-admin access vulnerability discovered in FortiOS Security Fabric. Exploitation could lead to widespread network breaches. Update now.

Fortinet has released a crucial security update addressing a high-severity vulnerability in its FortiOS Security Fabric, the company’s integrated cybersecurity platform that connects and unifies various security products and technologies. This flaw, identified as CVE-2024-40591 (CVSSv3 Score 8.0), could allow an authenticated administrator with Security Fabric permissions to escalate their privileges to the super-admin level.

The vulnerability stems from improper privilege management, specifically an incorrect privilege assignment. The issue affects multiple FortiOS versions: 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, and all versions of 6.4.

The vulnerability can be exploited if a malicious actor gains control of an upstream FortiGate device. By connecting a targeted FortiGate to this compromised upstream device, the attacker could leverage the improper privilege assignment to gain super-admin access. This level of access grants extensive control over the affected system, potentially leading to significant security breaches.

Fortinet has urged users to update their FortiOS installations immediately to mitigate this risk. Specific patch versions have been released for each affected branch: versions 7.6.1, 7.4.5, 7.2.10, and 7.0.16, respectively. Users running version 6.4 are advised to migrate to a patched release. Fortinet’s upgrade tool is available online to assist users in selecting the appropriate update path.
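The affected ranges and fixed releases above are easy to mis-apply across a fleet, so the following Python triage helper, an added example rather than code from HackRead or Fortinet, maps a device's version string to its advisory status and the release it should move to. The version ranges are transcribed from the article; the device inventory is constructed sample data, and the accepted input format ("v7.4.3 build2573"-style strings) is an assumption rather than something the page specifies.

```python
"""Triage helper for CVE-2024-40591 (FortiOS Security Fabric privilege escalation).

Added example, not Fortinet's or HackRead's code. Affected ranges and fixed
versions are transcribed from the advisory summary in the article; the
inventory below is constructed sample data.
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# (branch label, first affected, last affected or None for the whole branch,
#  fixed version or None when Fortinet advises migrating to another branch)
AFFECTED_RANGES: List[Tuple[str, Version, Optional[Version], Optional[Version]]] = [
    ("7.6", (7, 6, 0), (7, 6, 0), (7, 6, 1)),
    ("7.4", (7, 4, 0), (7, 4, 4), (7, 4, 5)),
    ("7.2", (7, 2, 0), (7, 2, 9), (7, 2, 10)),
    ("7.0", (7, 0, 0), (7, 0, 15), (7, 0, 16)),
    ("6.4", (6, 4, 0), None, None),
]

# Assumed input format: optional leading 'v', three numeric components, and an
# optional trailing build suffix that is ignored for the comparison.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Parse strings such as '7.4.3', 'v7.2.9' or 'v7.0.12 build0523'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised FortiOS version: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def _fmt(v: Optional[Version]) -> Optional[str]:
    return None if v is None else ".".join(map(str, v))


def assess(version_text: str) -> Dict[str, Optional[str]]:
    """Classify one device version against the advisory ranges.

    'status' is 'affected', 'fixed' or 'not_listed'; 'fixed_version' is the
    release to move to, or None when the whole branch needs a migration.
    """
    v = parse_version(version_text)
    for branch, first, last, fixed in AFFECTED_RANGES:
        if v[:2] != first[:2]:          # only compare within the same major.minor branch
            continue
        in_range = v >= first and (last is None or v <= last)
        if in_range:
            return {"status": "affected", "branch": branch, "fixed_version": _fmt(fixed)}
        if fixed is not None and v >= fixed:
            return {"status": "fixed", "branch": branch, "fixed_version": _fmt(fixed)}
        return {"status": "not_listed", "branch": branch, "fixed_version": _fmt(fixed)}
    return {"status": "not_listed", "branch": None, "fixed_version": None}


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, Optional[str]]]:
    """Return (hostname, version, fixed_version) for every still-exposed device.

    Devices whose branch has no fixed release (migration required) sort first,
    since they need a change window rather than a point upgrade.
    """
    exposed = []
    for host, ver in inventory:
        result = assess(ver)
        if result["status"] == "affected":
            exposed.append((host, ver, result["fixed_version"]))
    exposed.sort(key=lambda e: (e[2] is not None, e[0]))
    return exposed


# Constructed sample inventory: hostnames and versions are made up for the example.
SAMPLE_INVENTORY = [
    ("fgt-core-01", "v7.4.3 build2573"),
    ("fgt-branch-07", "7.2.10"),
    ("fgt-lab-02", "v6.4.15"),
    ("fgt-dc-edge", "7.6.0"),
    ("fgt-old-dmz", "7.0.16"),
]

if __name__ == "__main__":
    for host, ver, fix in triage(SAMPLE_INVENTORY):
        action = f"upgrade to {fix}" if fix else "migrate to a fixed release"
        print(f"{host:14} {ver:20} affected -> {action}")
```

A version that lies in a branch's affected range reports `affected`; a version at or above the branch's fixed release reports `fixed`; anything outside the branches the advisory names reports `not_listed` so that nobody reads silence as safety.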

It is worth noting that the FortiOS Security Fabric plays a vital role in simplifying enterprise security management across Fortinet's various modules, which is why vulnerabilities in such core components can have far-reaching consequences.

One such consequence is a threat actor gaining super-admin privileges over the very system designed to protect the enterprise. That level of access can give attackers complete control over the security infrastructure, potentially leading to widespread network breaches, data exfiltration, and other malicious activity.

Fortinet's prompt release of patches reflects the severity of the issue, so FortiOS-based systems should be updated without delay to stay protected.

This vulnerability was discovered internally and reported by Justin Lum of Fortinet's R&D team. His finding highlights the importance of internal security testing and vulnerability research within software development organizations.

Jim Routh, Chief Trust Officer at Saviynt, shared a comment with Hackread.com emphasizing the value of such internal efforts in identifying and addressing security flaws before malicious actors can exploit them. Here is his full comment:

“The FortiOS Security Fabric Vulnerability that was patched is an excellent example of the value to a critical software provider in pen testing applications performed by an internal or external resource. In this case, a Fortinet employee, Justin Lum, discovered the vulnerability and initiated a process to produce the necessary patches to the impacted software versions.

  • FortiOS 7.6.0
  • FortiOS 7.4.0–7.4.4
  • FortiOS 7.2.0–7.2.9
  • FortiOS 7.0.0–7.0.15
  • FortiOS 6.4 (all versions; requires migration)

The potential for exploitability for a set of cyber security capabilities designed to protect enterprises reaches a critical threshold with “super admin” privileged access, once the vulnerability is exploited by a threat actor. Threat actors dream about and strive for obtaining “super admin” privilege, especially for software designed to protect enterprises.”
