CVE-2024-50563
Published: 16 January 2025
Summary
CVE-2024-50563 is a high-severity Weak Authentication (CWE-1390) vulnerability in Fortinet Fortianalyzer. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Brute Force (T1110); ranked in the top 39.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-7 (Unsuccessful Logon Attempts) and IA-5 (Authenticator Management).
Deeper analysis
CVE-2024-50563 is a weak authentication vulnerability affecting multiple Fortinet products, including FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1 and 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1 and 7.4.1 through 7.4.3, and FortiManager Cloud versions 7.4.1 through 7.4.3. The flaw, associated with CWE-1390 and NVD-CWE-Other, enables attackers to execute unauthorized code or commands through a brute-force attack. It carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating high severity due to its network accessibility and lack of prerequisites.
An unauthenticated remote attacker can exploit this vulnerability by performing a brute-force attack against the weak authentication mechanism. Successful exploitation grants the ability to execute arbitrary code or commands on the affected systems, potentially leading to limited confidentiality, integrity, and availability impacts as per the CVSS vector.
For mitigation details, refer to the Fortinet product security incident response team advisory at https://fortiguard.fortinet.com/psirt/FG-IR-24-221.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-44620
Vulnerability details
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized…
more
code or commands via a brute-force attack.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct mapping to brute-force exploitation of weak auth for RCE on public-facing Fortinet appliances.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly prevents brute-force attacks by enforcing limits on consecutive unsuccessful logon attempts against the weak authentication mechanism.
Ensures authenticators are managed with sufficient strength, complexity, and lifecycle controls to resist brute-force guessing in weak authentication implementations.
Mandates timely flaw remediation, directly addressing the weak authentication vulnerability exploitable via brute-force to prevent unauthorized code execution.