Cyber Posture

CVE-2024-26012
Severity: Medium
Published: 14 January 2025
Modified: 31 January 2025
KEV Added: not listed
Patch: see Fortinet PSIRT advisory FG-IR-23-405
CVSS Score: 6.7 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0007 (20.6th percentile)
Risk Priority: 13 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-26012 is a medium-severity OS command injection (CWE-78) vulnerability in Fortinet FortiAP, including the FortiAP-S and FortiAP-W2 product lines. Its CVSS v3.1 base score is 6.7 (Medium).

Operationally, its EPSS score places it at the 20.6th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent): directly mitigates OS command injection by requiring validation of CLI inputs so that special elements are neutralized before they reach a command.

SI-2 Flaw Remediation (prevent): addresses the specific flaw in the FortiAP CLI by requiring timely remediation through vendor patching.

Privileged access restriction (prevent): limits exploitation potential by restricting the high-privilege (PR:H) access that this local, authenticated CLI attack requires.
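The SI-10 control above is easiest to see in code. The following is an added example written for this page, not FortiAP code and not a description of how the FortiAP CLI is implemented: a hypothetical diagnostic "ping <host>" CLI handler in its vulnerable form (the argument is spliced into a shell command line) next to a hardened form (the argument is checked against an allowlist grammar and then passed as a single argv element, so no shell ever parses it). The command name, the handler names and the host grammar are assumptions made for illustration.

```python
"""Hypothetical CLI diagnostic handler showing CWE-78 in a vulnerable and a hardened form.

Added example for this page; it is not FortiAP code and does not reflect how the
FortiAP CLI is implemented. The 'ping <host>' command, the handler names and the
host allowlist are assumptions made for illustration.
"""
import re
import shlex
import subprocess

# Allowlist for the one argument the command takes: a dotted-quad IPv4 literal or a
# DNS hostname built from labels of [A-Za-z0-9-]. Shell metacharacters (; | & $ ` ( ),
# quotes, whitespace, newlines) are simply not in the grammar, so they are rejected
# rather than escaped.
_HOST_RE = re.compile(
    r"^(?:\d{1,3}(?:\.\d{1,3}){3}"
    r"|[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*)$"
)


def is_safe_host(arg: str) -> bool:
    """SI-10 style input validation: accept only what the grammar of a host allows.
    fullmatch() is used on purpose: re.match() with '$' would accept 'host\\n<cmd>'."""
    return len(arg) <= 253 and _HOST_RE.fullmatch(arg) is not None


def build_vulnerable_command(host: str) -> str:
    """The vulnerable pattern: the CLI argument is spliced into a shell command line."""
    return f"ping -c 1 {host}"


def shell_tokens(command_line: str) -> list[str]:
    """Tokenise a command line the way a POSIX shell would, keeping ; | & ( ) as
    separate tokens, to make visible what the vulnerable string hands to the shell."""
    return list(shlex.shlex(command_line, posix=True, punctuation_chars=True))


def build_hardened_argv(host: str) -> list[str]:
    """Hardened form: validate first, then build an argv list. The host becomes exactly
    one argument to ping; no shell ever interprets it."""
    if not is_safe_host(host):
        raise ValueError(f"rejected CLI argument: {host!r}")
    return ["ping", "-c", "1", host]


def run_hardened(host: str, timeout: float = 10.0) -> subprocess.CompletedProcess:
    """Execute without a shell (a list argv with the default shell=False)."""
    return subprocess.run(build_hardened_argv(host), capture_output=True, text=True,
                          timeout=timeout, check=False)


if __name__ == "__main__":
    payload = "10.0.0.1; cat /etc/shadow"  # constructed attacker input
    print("vulnerable string :", build_vulnerable_command(payload))
    print("shell would run   :", shell_tokens(build_vulnerable_command(payload)))
    for arg in ("10.0.0.1", "ap-controller.example.net", payload, "$(id)", "`id`"):
        print(f"{arg!r:32} accepted={is_safe_host(arg)}")
    # run_hardened("10.0.0.1") invokes ping via argv; the host can never become a second command.
```

The two defences are layered deliberately: the allowlist rejects anything outside the argument's grammar, and the argv-style exec means that even a gap in the allowlist cannot turn the argument into a second shell command. Rejecting on a grammar mismatch is preferable to escaping, since escaping must anticipate every interpreter the value might later reach.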

NVD Description

An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiAP-S 6.2 all versions, and 6.4.0 through 6.4.9, FortiAP-W2 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2, FortiAP 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2 allow a local authenticated attacker to execute unauthorized code via the CLI.

Deeper analysis

CVE-2024-26012 is an OS command injection vulnerability (CWE-78) due to improper neutralization of special elements used in an OS command. It affects Fortinet FortiAP-S all 6.2 versions and 6.4.0 through 6.4.9; FortiAP-W2 all 6.4 versions, all 7.0 versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2; and FortiAP all 6.4 versions, all 7.0 versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2. The issue enables a local authenticated attacker to execute unauthorized code via the CLI. It carries a CVSS v3.1 base score of 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), rated as medium severity.

An attacker requires local access and high-privilege authentication (PR:H) to exploit the vulnerability with low complexity (AC:L) and no user interaction. Successful exploitation allows execution of arbitrary OS commands, resulting in high impacts to confidentiality, integrity, and availability, potentially leading to full compromise of the affected FortiAP device.

Mitigation details are available in the Fortinet PSIRT advisory at https://fortiguard.fortinet.com/psirt/FG-IR-23-405. Security practitioners should consult this reference for patching instructions and workarounds specific to the affected versions.

Details

CWE(s)

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected Products (NVD CPE ranges; the upper bound of each range is exclusive, matching the description's "through 6.4.9", "through 7.2.3" and "through 7.4.2")

fortinet / fortiap: 6.4.1 to 7.2.4 · 7.4.0 to 7.4.3
fortinet / fortiap-s: 6.2.0 to 6.4.10
fortinet / fortiap-w2: 6.4.0 to 7.2.4 · 7.4.0 to 7.4.3
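Turning the affected ranges into a fleet check is the practical side of the SI-2 (Flaw Remediation) control. The following is an added example written for this page, not a Fortinet tool: it transcribes the ranges from the NVD description (inclusive bounds, with "6.4 all versions" treated as any 6.4.x; note that the CPE range on this page starts FortiAP at 6.4.1, so the description is the more conservative source) and triages a constructed inventory against them. The inventory rows, the model labels and the x.y.z version format are assumptions.

```python
"""Affected-version triage for CVE-2024-26012 over a constructed FortiAP inventory.

Added example for this page, not a Fortinet tool. The ranges below are transcribed from
the NVD description (inclusive bounds); "all versions" of a train such as "6.4 all
versions" is treated as any 6.4.x. Inventory rows and the x.y.z version format are
assumptions.
"""
from typing import Optional

Version = tuple[int, int, int]
# (first affected, last affected); a None upper bound means the whole major.minor train
Range = tuple[Version, Optional[Version]]

AFFECTED: dict[str, list[Range]] = {
    "FortiAP-S": [((6, 2, 0), None), ((6, 4, 0), (6, 4, 9))],
    "FortiAP-W2": [((6, 4, 0), None), ((7, 0, 0), None),
                   ((7, 2, 0), (7, 2, 3)), ((7, 4, 0), (7, 4, 2))],
    "FortiAP": [((6, 4, 0), None), ((7, 0, 0), None),
                ((7, 2, 0), (7, 2, 3)), ((7, 4, 0), (7, 4, 2))],
}


def parse_version(text: str) -> Version:
    """Parse '7.2.3' or 'v7.2.3'; anything else raises rather than silently reading as 'ok'."""
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def in_range(v: Version, lo: Version, hi: Optional[Version]) -> bool:
    if hi is None:
        return v[:2] == lo[:2] and v >= lo  # whole major.minor train is affected
    return lo <= v <= hi


def is_affected(model: str, version: str) -> Optional[bool]:
    """True/False for the three product lines the advisory names; None for any other
    model, so unfamiliar hardware is surfaced for review instead of passing silently."""
    ranges = AFFECTED.get(model)
    if ranges is None:
        return None
    v = parse_version(version)
    return any(in_range(v, lo, hi) for lo, hi in ranges)


def triage(inventory: list[dict]) -> list[dict]:
    """Annotate each row with a status and order the rows so action items come first."""
    labels = {True: "AFFECTED", False: "ok", None: "unknown-model"}
    rows = [{**ap, "status": labels[is_affected(ap["model"], ap["version"])]}
            for ap in inventory]
    order = {"AFFECTED": 0, "unknown-model": 1, "ok": 2}
    return sorted(rows, key=lambda r: (order[r["status"]], r["name"]))


# Constructed inventory; these are not real devices.
SAMPLE_INVENTORY = [
    {"name": "ap-lobby-01", "model": "FortiAP", "version": "7.2.3"},
    {"name": "ap-lobby-02", "model": "FortiAP", "version": "7.2.4"},
    {"name": "ap-warehouse-01", "model": "FortiAP-S", "version": "6.2.7"},
    {"name": "ap-warehouse-02", "model": "FortiAP-S", "version": "6.4.10"},
    {"name": "ap-branch-01", "model": "FortiAP-W2", "version": "7.0.11"},
    {"name": "ap-branch-02", "model": "FortiAP-U", "version": "7.0.2"},
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(f"{row['status']:14} {row['name']:18} {row['model']:11} {row['version']}")
```

Two design choices matter here. A version string that does not parse raises instead of returning False, because a triage script that quietly marks malformed rows as "ok" hides exactly the devices most likely to be unmanaged. Likewise a model the advisory does not mention is reported as unknown rather than clean, leaving the decision to the reviewer.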

CVEs Like This One (same vendor: Fortinet)

CVE-2025-66178
CVE-2026-25836
CVE-2024-27778
CVE-2024-54018
CVE-2024-55590
CVE-2024-40584
CVE-2024-50569
CVE-2024-50566
CVE-2026-39808
CVE-2025-53949

References

Fortinet PSIRT advisory FG-IR-23-405: https://fortiguard.fortinet.com/psirt/FG-IR-23-405