Heap-Based Buffer Overflow in Fortinet FortiOS and FortiManager Products
CVE-2024-50571

6.5MEDIUM

Key Information:

Vendor: Fortinet
Status: FortiOS; Fortiproxy; Fortimanager; Fortianalyzer
Vendor: CVE Published:; 14 October 2025

What is CVE-2024-50571?

A heap-based buffer overflow vulnerability exists in Fortinet's FortiOS and related products, allowing attackers to execute unauthorized commands through specially crafted requests. This issue affects multiple versions across FortiOS, FortiManager, FortiAnalyzer, and FortiProxy, leading to significant risks for network security. It is essential for users to promptly apply security updates to mitigate potential exploits.

Affected Version(s)

FortiAnalyzer 7.6.0 <= 7.6.2

FortiAnalyzer 7.4.0 <= 7.4.5

FortiAnalyzer 7.2.0 <= 7.2.8

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-442

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Oct 24, 2024

JSON