Cyber Resilience

CVE-2024-48884

High

Published: 14 January 2025

Modified: 14 January 2026
CVSS v3.1 score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS score: 0.5028 (97.9th percentile)
Risk priority: 45 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-48884 is a high-severity Path Traversal (CWE-22) vulnerability in Fortinet FortiOS. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 2.1% of CVEs by exploit likelihood, but it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-48884 is a path traversal vulnerability, tracked as CWE-22, that affects Fortinet FortiManager 7.6.0 through 7.6.1, FortiManager Cloud 7.4.1 through 7.4.3, FortiOS releases 7.6.0, 7.4.0-7.4.4, 7.2.0-7.2.9, 7.0.0-7.0.15, and 6.4.0-6.4.15, plus FortiProxy versions 7.4.0-7.4.5, 7.2.0-7.2.11, 7.0.0-7.0.18, 2.0, and all 1.x releases. The flaw arises from improper limitation of pathnames to restricted directories and carries a CVSS 3.1 score of 7.5.

A remote authenticated attacker who can reach the security fabric interface and port may write arbitrary files, while a remote unauthenticated attacker may delete an arbitrary folder, resulting in high availability impact. The current EPSS score of 0.5028 matches its recorded peak with no material rise from a lower baseline.

The Fortinet advisory at https://fortiguard.fortinet.com/psirt/FG-IR-24-259 addresses mitigation steps for the affected products.


Vulnerability details

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.4, FortiOS 7.2.0 through 7.2.9, FortiOS 7.0.0 through 7.0.15, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, FortiProxy 7.2.0 through 7.2.11, FortiProxy 7.0.0 through 7.0.18, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions may allow a remote authenticated attacker with access to the security fabric interface and port to write arbitrary files or a remote unauthenticated attacker to delete an arbitrary folder.

CWE(s): CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1105 Ingress Tool Transfer (Command and Control): Adversaries may transfer tools or other files from an external system into a compromised environment.

T1070.004 File Deletion (Stealth): Adversaries may delete files left behind by the actions of their intrusion activity.

Why these techniques?

Path traversal enables remote unauthenticated exploitation of exposed Fortinet interfaces (T1190), authenticated arbitrary file write for tool transfer (T1105), and unauthenticated arbitrary folder deletion (T1070.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-48886 (same product: Fortinet FortiManager)
CVE-2024-45324 (same product: Fortinet FortiOS)
CVE-2025-24472 (same product: Fortinet FortiOS)
CVE-2024-55591 (same product: Fortinet FortiOS)
CVE-2024-26006 (same product: Fortinet FortiOS)
CVE-2024-26009 (same product: Fortinet FortiOS)
CVE-2025-59718 (same product: Fortinet FortiOS)
CVE-2024-35279 (same product: Fortinet FortiOS)
CVE-2025-53847 (same product: Fortinet FortiOS)
CVE-2025-25249 (same product: Fortinet FortiOS)

Affected Assets

Fortinet FortiManager: 7.4.1 — 7.4.4 · 7.6.0 — 7.6.2
Fortinet FortiManager Cloud: 7.4.1 — 7.4.4
Fortinet FortiProxy: 1.0.0 — 7.0.19 · 7.2.0 — 7.2.12 · 7.4.0 — 7.4.6
Fortinet FortiRecorder: 7.0.0 — 7.0.5 · 7.2.0 — 7.2.2
Fortinet FortiVoice: 6.0.0 — 6.4.10 · 7.0.0 — 7.0.5
Fortinet FortiWeb: 7.6.0 · 6.4.0 — 7.4.5
Fortinet FortiOS: 7.6.0 · 6.4.0 — 6.4.16 · 7.0.0 — 7.0.16 · 7.2.0 — 7.2.10

Mitigating Controls (NIST 800-53 r5)

Prevent (SI-10 Information Input Validation): Directly validates file path inputs to ensure they remain within authorized directories, preventing path traversal exploitation.

Prevent (SI-2 Flaw Remediation): Mandates timely flaw remediation, including patching this specific path traversal vulnerability as detailed in the vendor advisory.

Prevent: Enforces logical access controls on file system resources to block unauthorized writes or deletes attempted via traversed paths.
