Fortinet Product Security Update Advisory (CVE-2025-24472)
Overview
We have released security updates to fix vulnerabilities in Fortinet products. Users of affected products are advised to update to the latest version.
Affected Products
CVE-2025-24472
FortiOS versions: 7.0.0 through 7.0.16 (inclusive)
FortiProxy versions: 7.2.0 through 7.2.12 (inclusive)
FortiProxy versions: 7.0.0 through 7.0.19 (inclusive)
Resolved Vulnerabilities
Elevation of privilege vulnerability due to authentication bypass (CVE-2025-24472)
Vulnerability Patches
Patches for the vulnerability are available in the latest update. Follow the instructions on the site listed under References to update to the patched version for your product.
CVE-2025-24472
FortiOS version: 7.0.17
FortiProxy version: 7.2.13
FortiProxy version: 7.0.20
References
[1] Authentication bypass in Node.js websocket module and CSF requests
https://fortiguard.fortinet.com/psirt/FG-IR-24-535