CVE-2024-55591 is a FortiOS/FortiProxy authentication bypass exploited in the wild to create super-admin accounts and compromise firewall configurations. Upgrade to FortiOS 7.0.17+ immediately. Disable HTTP/HTTPS admin access from the internet as a compensating control. Review admin accounts for unauthorized additions.
FortiOS and FortiProxy Authentication Bypass Vulnerability allows unauthenticated attackers to gain super-admin privileges via WebSocket.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →