Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that would permit a privileged attacker to execute unauthorized instructions. Tracked as CVE-2024-45325, the flaw is an OS command injection vulnerability residing inside the product’s command-line interface (CLI).
The vulnerability, recognized as CWE-78, stems from an improper neutralization of particular components utilized in an OS command. An attacker with excessive privileges and native entry to the system may exploit this weak point by sending specifically crafted requests to the CLI.
A profitable exploit would permit the attacker to execute arbitrary code or instructions with the permissions of the applying, probably resulting in a full system compromise.
The vulnerability has been assigned a CVSSv3 rating of 6.5, categorizing it as medium severity.
The CVSS vector, AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, signifies that an attacker requires native entry and high-level privileges, and no consumer interplay is required.
Regardless of the excessive privilege requirement, the potential impression on confidentiality, integrity, and availability is excessive. The difficulty was internally found and reported by Théo Leleu of Fortinet’s Product Safety workforce.
Affected Variations and Mitigation
Fortinet has confirmed that a number of variations of FortiDDoS-F are affected by this vulnerability. The advisory, FG-IR-24-344, revealed on September 9, 2025, outlines the particular variations and the beneficial actions for directors.
VersionAffected RangeSolutionFortiDDoS-F 7.2Not affectedNot ApplicableFortiDDoS-F 7.07.0.0 by means of 7.0.2Upgrade to 7.0.3 or aboveFortiDDoS-F 6.6All versionsMigrate to a hard and fast releaseFortiDDoS-F 6.5All versionsMigrate to a hard and fast releaseFortiDDoS-F 6.4All versionsMigrate to a hard and fast releaseFortiDDoS-F 6.3All versionsMigrate to a hard and fast releaseFortiDDoS-F 6.2All versionsMigrate to a hard and fast releaseFortiDDoS-F 6.1All versionsMigrate to a hard and fast launch
Directors working susceptible variations are strongly urged to use the beneficial updates or migrate to a patched launch to stop potential exploitation.
Organizations utilizing FortiDDoS-F 7.0 ought to improve to model 7.0.3 instantly, whereas these on older branches (6.1 by means of 6.6) should plan a migration to a safe model.
Discover this Story Attention-grabbing! Comply with us on Google Information, LinkedIn, and X to Get Extra Instantaneous Updates.
