Privilege Escalation Vulnerability in Fortinet FortiOS
CVE-2024-40591
What is CVE-2024-40591?
CVE-2024-40591 is a privilege escalation vulnerability in Fortinet FortiOS, the security operating system that runs on FortiGate firewalls and other Fortinet network devices. It allows an authenticated administrator who holds specific access rights (Security Fabric permissions) to elevate their privileges to those of a super-admin. The escalation is triggered by connecting the FortiGate to a malicious upstream FortiGate under the attacker's control, which can severely undermine the security of an organization's network and expose it to unauthorized access and control.
Technical Details
The vulnerability stems from an incorrect privilege assignment (CWE-266) in several FortiOS releases: 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9, and versions before 7.0.15. An authenticated administrator with Security Fabric permissions can trigger the flaw by connecting the device to an upstream FortiGate that they control or have compromised. Because privileges are assigned incorrectly in this scenario, the administrator gains a significant escalation of privileges, with serious security consequences.
Potential Impact of CVE-2024-40591
- Unauthorized Access: Successful exploitation of this vulnerability could allow an attacker to gain super-admin privileges, enabling them to access sensitive configurations, modify security settings, and undermine the integrity of the network.
- Data Breaches: With elevated privileges, an attacker could exfiltrate sensitive data, leading to potential data breaches that compromise personal, financial, or proprietary information, significantly impacting an organization's reputation and operations.
- Wider Network Compromise: The capability to escalate privileges can lead to further exploitation of other connected systems within the network, potentially facilitating lateral movement and escalating the overall risk of a full-scale cyber incident.
Affected Version(s)
FortiOS 7.6.0
FortiOS 7.4.0 <= 7.4.4
FortiOS 7.2.0 <= 7.2.9
FortiOS versions before 7.0.15
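A defender's first job with an advisory like this is to find which devices in the fleet fall inside the affected ranges. The script below is an added example, not Fortinet's code or tooling: it parses the version token from FortiGate `get system status` output (the line format is an assumption modelled on the CLI's "Version:" line) and checks it against the ranges listed above, treating "before 7.0.15" as an exclusive upper bound so every older release is flagged. Device names, build numbers and dates in the sample inventory are constructed.

```python
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges as stated in the advisory text. Each entry is
# (lower bound, upper bound, upper bound inclusive?). Lower bounds are
# inclusive. "Versions before 7.0.15" is modelled as an exclusive upper
# bound with no lower bound, so every older release is flagged.
AFFECTED_RANGES = [
    ((7, 6, 0), (7, 6, 0), True),
    ((7, 4, 0), (7, 4, 4), True),
    ((7, 2, 0), (7, 2, 9), True),
    ((0, 0, 0), (7, 0, 15), False),
]

# Matches the "vX.Y.Z" token on the "Version:" line of `get system status`.
# The line format is an assumption modelled on FortiGate CLI output.
VERSION_LINE_RE = re.compile(r"^Version:.*?\bv(\d+)\.(\d+)\.(\d+)\b", re.MULTILINE)


def parse_version(status_output: str) -> Optional[Version]:
    """Extract the FortiOS version from CLI status output, or None if absent."""
    m = VERSION_LINE_RE.search(status_output)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: Version) -> bool:
    """True if the version falls inside any range the advisory lists."""
    for lo, hi, hi_inclusive in AFFECTED_RANGES:
        if version < lo:
            continue
        inside = (version <= hi) if hi_inclusive else (version < hi)
        if inside:
            return True
    return False


def assess_fleet(status_by_device: Dict[str, str]) -> Dict[str, str]:
    """Map each device name to 'affected', 'not affected' or 'unknown'."""
    result: Dict[str, str] = {}
    for name, output in status_by_device.items():
        v = parse_version(output)
        if v is None:
            # No parsable version (unreachable device, truncated output):
            # report it rather than silently treating it as safe.
            result[name] = "unknown"
        else:
            result[name] = "affected" if is_affected(v) else "not affected"
    return result


# Constructed sample inventory: names, build numbers and dates are invented
# for this example and do not refer to real devices.
SAMPLE_FLEET = {
    "fgt-edge-01": "Version: FortiGate-100F v7.4.3,build2573,240627 (GA.F)\nSerial-Number: FGT-EXAMPLE-1",
    "fgt-edge-02": "Version: FortiGate-60F v7.2.10,build1706,240911 (GA.M)",
    "fgt-dc-01": "Version: FortiGate-200F v7.0.12,build0523,230525 (GA.M)",
    "fgt-lab-01": "Version: FortiGate-VM64 v7.6.1,build3303,241011 (GA.F)",
    "fgt-unreachable": "Connection timed out",
}

if __name__ == "__main__":
    for device, verdict in assess_fleet(SAMPLE_FLEET).items():
        print(f"{device}: {verdict}")
```

Devices reported as "unknown" need manual follow-up; a version check that silently skips unreachable devices is how a vulnerable firewall stays unpatched. Version tuples are compared numerically, so 7.2.10 correctly sorts above 7.2.9 and is not flagged, which a plain string comparison would get wrong.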