Cyber Posture

CVE-2024-48885

Medium

Published: 16 January 2025

Modified: 14 January 2026
KEV Added: (not listed)
CVSS Score: 5.3 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0029 (52.7th percentile)
Risk Priority: 11 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-48885 is a medium-severity Path Traversal (CWE-22) vulnerability in Fortinet FortiRecorder. Its CVSS v3.1 base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 47.3% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent): directly remediates the path traversal flaw in affected Fortinet products through timely identification, reporting, and patching.

SI-10 Information Input Validation (prevent): validates information inputs from specially crafted packets at system entry points to block path traversal attempts.

(prevent): enforces approved access authorizations to information and resources, limiting unauthorized directory traversal even from low-privileged accounts.

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

The path traversal vulnerability directly enables exploitation for privilege escalation via crafted network packets.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows an attacker to escalate privilege via specially crafted packets.

Deeper analysis

CVE-2024-48885 is an improper limitation of a pathname to a restricted directory vulnerability, classified under CWE-22 as a path traversal issue. It affects multiple Fortinet products, including FortiRecorder versions 7.2.0 through 7.2.1 and 7.0.0 through 7.0.4; FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, and 6.0 all versions; and FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2 all versions, 7.0 all versions, and 6.4 all versions. The flaw enables privilege escalation through specially crafted packets and carries a CVSS v3.1 base score of 5.3 (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

Exploitation requires an attacker who already holds low privileges (PR:L) and is carried out over the network (AV:N) with high attack complexity (AC:H) and no user interaction (UI:N). Successful exploitation allows the attacker to escalate privileges; the vector records a high impact on availability (A:H) and no impact on confidentiality (C:N) or integrity (I:N).

Mitigation details are available in the Fortinet PSIRT advisory at https://fortiguard.fortinet.com/psirt/FG-IR-24-259.

Details

CWE(s)

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected Products

fortinet / fortirecorder: 7.0.0 — 7.0.5 · 7.2.0 — 7.2.2
fortinet / fortivoice: 6.0.0 — 6.4.10 · 7.0.0 — 7.0.5
fortinet / fortiweb: 7.6.0 · 6.4.0 — 7.4.5

CVEs Like This One

CVE-2024-48884 (same product: Fortinet FortiRecorder)
CVE-2024-55597 (same product: Fortinet FortiWeb)
CVE-2024-36512 (same vendor: Fortinet)
CVE-2024-46662 (same vendor: Fortinet)
CVE-2025-48418 (same vendor: Fortinet)
CVE-2025-68648 (same vendor: Fortinet)
CVE-2024-33502 (same vendor: Fortinet)
CVE-2025-62676 (same vendor: Fortinet)
CVE-2025-54659 (same vendor: Fortinet)
CVE-2024-45328 (same vendor: Fortinet)

References

Fortinet PSIRT advisory FG-IR-24-259: https://fortiguard.fortinet.com/psirt/FG-IR-24-259