Sensitive Information Disclosure in Fortinet FortiManager, FortiVoice, and Other Products
CVE-2024-47569

4.2MEDIUM

Key Information:

Vendor: Fortinet
Status: Fortivoice; Fortimanager; Fortirecorder; FortiOS
Vendor: CVE Published:; 14 October 2025

What is CVE-2024-47569?

An attacker can exploit a vulnerability within Fortinet's product suite to disclose sensitive information by sending specially crafted packets. This can lead to significant risks as sensitive data may become exposed, potentially affecting the confidentiality and integrity of communications across various Fortinet applications including FortiManager, FortiVoice, and others. Users of affected versions are encouraged to update their systems promptly to mitigate this risk.

Affected Version(s)

FortiMail 7.4.0 <= 7.4.2

FortiMail 7.2.0 <= 7.2.6

FortiMail 7.0.0 <= 7.0.9

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-228

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Sep 27, 2024

JSON