
CVE-2024-35273

Severity: High
Published: 14 January 2025
Modified: 31 January 2025
KEV Added: not listed
CVSS Score (v3.1): 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0030 (54.0th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-35273 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Fortinet FortiAnalyzer. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 46.0% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-35273 is an out-of-bounds write vulnerability (CWE-787) affecting Fortinet FortiManager versions 7.4.0 through 7.4.2 and FortiAnalyzer versions 7.4.0 through 7.4.2. The flaw arises from improper bounds checking, enabling an attacker to trigger the issue via specially crafted HTTP requests. It has a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.

An authenticated attacker with high privileges (PR:H) can exploit this vulnerability remotely over the network (AV:N) with low complexity (AC:L) and no user interaction required (UI:N). By sending malicious HTTP requests, the attacker can achieve privilege escalation, potentially gaining unauthorized access to higher-level permissions or full system compromise within the affected FortiManager or FortiAnalyzer instances.

Fortinet has published advisory FG-IR-24-106 at https://fortiguard.fortinet.com/psirt/FG-IR-24-106, which provides details on mitigation, including available patches for the vulnerable versions. Security practitioners should consult this advisory for upgrade instructions and apply fixes promptly to affected systems.


Vulnerability details

An out-of-bounds write in Fortinet FortiManager versions 7.4.0 through 7.4.2 and FortiAnalyzer versions 7.4.0 through 7.4.2 allows an attacker to escalate privileges via specially crafted HTTP requests.


Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Out-of-bounds write via authenticated HTTP requests directly enables local/remote privilege escalation to full system compromise on the management appliance.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-35275 (same product: Fortinet FortiAnalyzer)
CVE-2025-48418 (same product: Fortinet FortiAnalyzer)
CVE-2025-68648 (same product: Fortinet FortiAnalyzer)
CVE-2024-35276 (same product: Fortinet FortiAnalyzer)
CVE-2024-33503 (same product: Fortinet FortiAnalyzer)
CVE-2024-45331 (same product: Fortinet FortiAnalyzer)
CVE-2024-50563 (same product: Fortinet FortiAnalyzer)
CVE-2024-46662 (same product: Fortinet FortiManager)
CVE-2025-61848 (same product: Fortinet FortiAnalyzer)
CVE-2024-40584 (same product: Fortinet FortiAnalyzer)

Affected Assets

Vendor | Product | Affected versions
fortinet | fortianalyzer | 7.4.0 — 7.4.4
fortinet | fortianalyzer cloud | 7.4.1 — 7.4.3
fortinet | fortimanager | 7.4.0 — 7.4.3
fortinet | fortimanager cloud | 7.4.1 — 7.4.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent): Directly addresses the CVE by requiring timely remediation of the out-of-bounds write flaw through vendor patches as specified in the Fortinet advisory.

SI-10 Information Input Validation (prevent): Prevents exploitation of the vulnerability by enforcing validation of specially crafted HTTP request inputs to ensure proper bounds checking.

Memory protection (prevent): Mitigates memory corruption from out-of-bounds writes using protections like ASLR and DEP, reducing privilege escalation success even if the flaw is triggered.
