Cyber Posture

CVE-2024-50566

Severity: High · Impact: RCE

Published: 14 January 2025

Modified: 14 January 2026
KEV Added: not listed
Patch: vendor advisory FG-IR-24-463
CVSS Score: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0054 (67.8th percentile)
Risk Priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-50566 is a high-severity OS Command Injection (CWE-78) vulnerability in Fortinet FortiManager. Its CVSS v3.1 base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 32.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)
Directly mitigates OS command injection by enforcing validation and neutralization of special elements in crafted FGFM requests.

SI-2 Flaw Remediation (prevent)
Addresses the specific flaw in FortiManager's FGFM request handling through timely application of vendor patches from FG-IR-24-463.

Least privilege (prevent)
Reduces exploitability by enforcing least privilege, limiting the high-privilege (PR:H) access needed for unauthorized code execution.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059.004 Unix Shell (Execution)
Adversaries may abuse Unix shell commands and scripts for execution.

Why these techniques?

OS command injection in FortiManager enables remote code execution via crafted FGFM requests to a management application (T1190); the resulting code execution directly facilitates Unix shell command execution (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiManager Cloud 7.6.0 through 7.6.1, FortiManager Cloud 7.4.0 through 7.4.4, FortiManager Cloud 7.2.2 through 7.2.7, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.0 through 7.4.5, FortiManager 7.2.1 through 7.2.8 may allow an authenticated remote attacker to execute unauthorized code via FGFM crafted requests.

Deeper analysis

CVE-2024-50566 is an OS command injection vulnerability (CWE-78), resulting from improper neutralization of special elements used in an OS command. It affects Fortinet FortiManager Cloud versions 7.6.0 through 7.6.1, 7.4.0 through 7.4.4, and 7.2.2 through 7.2.7, as well as FortiManager versions 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, and 7.2.1 through 7.2.8. The vulnerability has a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

An authenticated remote attacker with high privileges (PR:H) can exploit the vulnerability over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). By crafting malicious FGFM requests, the attacker may execute unauthorized code on the affected system, achieving high impacts on confidentiality, integrity, and availability.

Mitigation details are provided in the Fortinet PSIRT advisory FG-IR-24-463, available at https://fortiguard.fortinet.com/psirt/FG-IR-24-463.

Details

CWE(s): CWE-78 (OS Command Injection)

Affected Products

Fortinet FortiManager: 7.2.1 to 7.2.9 · 7.4.0 to 7.4.6 · 7.6.0 to 7.6.2
Fortinet FortiManager Cloud: 7.2.2 to 7.2.8 · 7.4.0 to 7.4.5 · 7.6.0 to 7.6.2

CVEs Like This One

CVE-2024-33504 (same product: Fortinet FortiManager)
CVE-2025-66178 (same vendor: Fortinet)
CVE-2024-46662 (same product: Fortinet FortiManager)
CVE-2026-25836 (same vendor: Fortinet)
CVE-2024-35277 (same product: Fortinet FortiManager)
CVE-2024-50569 (same vendor: Fortinet)
CVE-2026-39808 (same vendor: Fortinet)
CVE-2025-64155 (same vendor: Fortinet)
CVE-2024-50567 (same vendor: Fortinet)
CVE-2024-52961 (same vendor: Fortinet)