BeyondMachines<p>Fortinet authentication bypass flaw enables device takeover</p><p>Fortinet patched an authentication bypass vulnerability (CVE-2024-26009) in the FortiGate-to-FortiManager protocol that allows attackers to gain administrative access by crafting malicious requests that use a known FortiManager serial number, typically obtained through insider threats or social engineering. The flaw affects multiple Fortinet enterprise security products, including FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager.</p><p>**If you are using FortiManager to manage Fortinet devices, make sure they are isolated from the internet and accessible only from a trusted network. Communicate this flaw and the risk of phishing attempts to all admins. Finally, plan a patch process, which may be complex.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>advisory</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a><br><a href="https://beyondmachines.net/event_details/fortinet-authentication-bypass-flaw-enables-device-takeover-h-8-k-d-s/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/fortinet-authentication-bypass-flaw-enables-device-takeover-h-8-k-d-s/gD2P6Ple2L</span></a></p>