Critical FortiSwitch Vulnerability Let Attackers Remotely Change Admin Passwords
CVE-2024-48887 Could Let Unauthenticated Attackers Take Over Devices via GUI Exploit
Fortinet has released emergency patches for a critical vulnerability in its FortiSwitch networking devices that could allow unauthenticated attackers to remotely reset administrator passwords using the device’s graphical user interface (GUI).
Tracked as CVE-2024-48887, the bug is rated 9.8 out of 10 on the CVSS severity scale, making it one of the most serious vulnerabilities to affect Fortinet’s product line this year.
Flaw Discovered Internally
The vulnerability was found by Daniel Rozeboom of the FortiSwitch web UI development team, and reported internally.
According to Fortinet’s advisory:
“An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a remote unauthenticated attacker to modify admin passwords via a specially crafted request.”
The attack is low complexity, requires no authentication, and does not require user interaction, making it highly exploitable in real-world conditions.
See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses
Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.
Affected Versions and Patches
| FortiSwitch Version | Affected Builds | Fixed in Version |
|---|---|---|
| 7.6 | 7.6.0 | 7.6.1 |
| 7.4 | 7.4.0 – 7.4.4 | 7.4.5 |
| 7.2 | 7.2.0 – 7.2.8 | 7.2.9 |
| 7.0 | 7.0.0 – 7.0.10 | 7.0.11 |
| 6.4 | 6.4.0 – 6.4.14 | 6.4.15 |
Fortinet recommends users immediately upgrade to the fixed versions to avoid potential exploitation.
Temporary Workaround
For those unable to apply the patches immediately, Fortinet recommends:
Disabling HTTP/HTTPS access on administrative interfaces
Restricting access to FortiSwitch devices via firewall rules or trusted host configurations
These mitigation steps reduce the attack surface but do not fully eliminate the risk posed by CVE-2024-48887.
Fortinet Fixes Other Critical Vulnerabilities
Alongside CVE-2024-48887, Fortinet also released fixes for several other high-risk flaws, including:
CVE-2024-54024 – OS Command Injection in FortiIsolator
CVE-2024-26013 & CVE-2024-50565 – Man-in-the-middle vulnerabilities in FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice, and FortiWeb
Trending: Offensive Security Tool: CTFPacker
A Pattern of Active Exploits
Fortinet vulnerabilities have been a prime target for threat actors, often exploited as zero-days:
CVE-2024-47575 (“FortiJump”): Used in attacks against over 50 FortiManager servers
December 2024 VPN zero-day: Exploited by Chinese hackers using DeepData toolkit
CVE-2024-55591 & CVE-2025-24472: Recently used in ransomware campaigns
This track record highlights why Fortinet device owners must act quickly to patch any exposed systems.
If you manage FortiSwitch devices, apply the patches now or isolate the devices. In an environment where password reset vulnerabilities can become full device takeovers, delay could be costly.
Are u a security researcher? Or a company that writes articles about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing? If you want to express your idea in an article contact us here for a quote: [email protected]
Source: bleepingcomputer.com
Recent News
Meta Patches WhatsApp for Windows Vulnerability That Enables Code Execution via File Spoofing
New Neptune RAT Variant Spreads via YouTube and Telegram, Targets Windows Users
Oracle Breach Exposes Millions of Stolen Credentials from Legacy Cloud System
Apple Backports Zero-Day Fixes to Older iOS and macOS Versions
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
