Cyber Posture

CVE-2024-35273

High

Published: 14 January 2025

Published
14 January 2025
Modified
31 January 2025
KEV Added
Patch
CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0022 43.8th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-35273 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Fortinet Fortianalyzer. Its CVSS base score is 7.2 (High).

Operationally, ranked at the 43.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly addresses the CVE by requiring timely remediation of the out-of-bounds write flaw through vendor patches as specified in the Fortinet advisory.

SI-10 Information Input Validation good match
prevent

Prevents exploitation of the vulnerability by enforcing validation of specially crafted HTTP request inputs to ensure proper bounds checking.

SI-16 Memory Protection partial match
prevent

Mitigates memory corruption from out-of-bounds writes using protections like ASLR and DEP, reducing privilege escalation success even if the flaw is triggered.

NVD Description

A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests.

Deeper analysisAI

CVE-2024-35273 is an out-of-bounds write vulnerability (CWE-787) affecting Fortinet FortiManager versions 7.4.0 through 7.4.2 and FortiAnalyzer versions 7.4.0 through 7.4.2. The flaw arises from improper bounds checking, enabling an attacker to trigger the issue via specially crafted HTTP requests. It has a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.

An authenticated attacker with high privileges (PR:H) can exploit this vulnerability remotely over the network (AV:N) with low complexity (AC:L) and no user interaction required (UI:N). By sending malicious HTTP requests, the attacker can achieve privilege escalation, potentially gaining unauthorized access to higher-level permissions or full system compromise within the affected FortiManager or FortiAnalyzer instances.

Fortinet has published advisory FG-IR-24-106 at https://fortiguard.fortinet.com/psirt/FG-IR-24-106, which provides details on mitigation, including available patches for the vulnerable versions. Security practitioners should consult this advisory for upgrade instructions and apply fixes promptly to affected systems.

Details

CWE(s)
CWE-787

Affected Products

fortinet
fortianalyzer
7.4.0 — 7.4.4
fortinet
fortianalyzer cloud
7.4.1 — 7.4.3
fortinet
fortimanager
7.4.0 — 7.4.3
fortinet
fortimanager cloud
7.4.1 — 7.4.3

CVEs Like This One

CVE-2024-35276Same product: Fortinet Fortianalyzer
CVE-2025-48418Same product: Fortinet Fortianalyzer
CVE-2025-68648Same product: Fortinet Fortianalyzer
CVE-2025-61848Same product: Fortinet Fortianalyzer
CVE-2024-45331Same product: Fortinet Fortianalyzer
CVE-2024-33503Same product: Fortinet Fortianalyzer
CVE-2024-35275Same product: Fortinet Fortianalyzer
CVE-2024-50563Same product: Fortinet Fortianalyzer
CVE-2024-40584Same product: Fortinet Fortianalyzer
CVE-2026-22572Same product: Fortinet Fortianalyzer

References