Cyber Resilience

CVE-2024-47571

High

Published: 14 January 2025

Published
14 January 2025
Modified
19 March 2025
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0172 82.8th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-47571 is a high-severity Operation on a Resource after Expiration or Release (CWE-672) vulnerability in Fortinet Fortimanager. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 17.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2024-47571 is a vulnerability involving an operation on a resource after its expiration or release (CWE-672) in Fortinet FortiManager versions 6.4.12 through 7.4.0. This flaw enables an attacker to gain improper access to connected FortiGate devices using valid credentials. The vulnerability carries a CVSS v3.1 base score of 8.1 (High), reflecting network accessibility (AV:N), high attack complexity (AC:H), no required privileges (PR:N), no user interaction (UI:N), and unchanged scope (S:U) with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).

An unauthenticated attacker with network access to the vulnerable FortiManager instance can exploit this issue despite the high complexity requirement. Successful exploitation allows the attacker to leverage valid credentials for improper access to FortiGate firewalls managed by the FortiManager, potentially enabling full compromise of those devices through unauthorized read, modification, or disruption of configurations and operations.

Fortinet's advisory (FG-IR-24-239) at https://fortiguard.fortinet.com/psirt/FG-IR-24-239 provides details on mitigation, including available patches for affected FortiManager versions. Security practitioners should consult this advisory for upgrade instructions and any temporary workarounds.

EU & UK References

Vulnerability details

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct exploitation of network-accessible FortiManager (public-facing management app) to obtain unauthorized access to managed FortiGate devices via valid credentials, matching initial access via vulnerable public application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-54820Same product: Fortinet Fortimanager
CVE-2024-36512Same product: Fortinet Fortimanager
CVE-2024-35277Same product: Fortinet Fortimanager
CVE-2024-33502Same product: Fortinet Fortimanager
CVE-2024-50566Same product: Fortinet Fortimanager
CVE-2024-35276Same product: Fortinet Fortimanager
CVE-2025-61848Same product: Fortinet Fortimanager
CVE-2024-40584Same product: Fortinet Fortimanager
CVE-2026-22572Same product: Fortinet Fortimanager
CVE-2024-50563Same product: Fortinet Fortimanager

Affected Assets

fortinet
fortimanager
6.4.12, 7.2.3, 7.4.0 · 7.0.7 — 7.0.9

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Remediating the specific flaw in FortiManager by applying Fortinet patches directly prevents attackers from performing operations on expired or released resources to gain improper FortiGate access.

prevent

Mandates enforcement of approved access authorizations, countering the improper access to FortiGate enabled by the resource expiration vulnerability in FortiManager.

preventdetect

Monitors and controls network traffic to the vulnerable FortiManager, limiting unauthenticated remote access required to exploit CVE-2024-47571.

References