CVE-2024-50563

CVE Database · CVE-2024-50563

CVE-2024-50563

· HIGHAnalyzed

CVSS v3.1

7.3

EPSS

0.56%

Published

Jan 16, 2025

Modified

Sep 24, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Weaknesses (CWE)

CWE-1390

Affected Products (6)

fortinet · fortianalyzer (up to 7.4.4)vulnerable

fortinet · fortianalyzer (up to 7.6.2)vulnerable

fortinet · fortianalyzer_cloud (up to 7.4.4)vulnerable

fortinet · fortimanager (up to 7.4.4)vulnerable

fortinet · fortimanager (up to 7.6.2)vulnerable

fortinet · fortimanager_cloud (up to 7.4.4)vulnerable

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-24-221

MitigationVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs