{"vulnerability": "cve-2024-4888", "sightings": [{"uuid": "03f4b0d9-13fc-4f27-a229-c1facb781d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48889", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113673904046655801", "content": "", "creation_timestamp": "2024-12-18T12:48:44.282335Z"}, {"uuid": "17c3174b-6abf-496a-a7c7-20ea6640adb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48889", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldnwrxvui22v", "content": "", "creation_timestamp": "2024-12-19T13:05:40.818550Z"}, {"uuid": "274db9e5-3480-4e4b-ba1b-6358f31d8699", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48889", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113675676122890458", "content": "", "creation_timestamp": "2024-12-18T20:19:24.135434Z"}, {"uuid": "019de3d1-9855-47a8-a237-1c41318d0648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48886", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgwvvbv22c", "content": "", "creation_timestamp": "2025-01-14T14:17:49.147632Z"}, {"uuid": "7b80df7d-3bcb-4656-9f4b-bc256d31a867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48886", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113827257238910747", "content": "", "creation_timestamp": "2025-01-14T14:48:30.089464Z"}, {"uuid": "9bdcfaee-434b-4231-9428-ced8ba01340f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48883", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpy4x42qv2j", "content": "", "creation_timestamp": "2025-01-14T19:25:25.594163Z"}, {"uuid": "1870aba3-096d-47de-8ae8-627ec175a0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48881", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113809837533563202", "content": "", "creation_timestamp": "2025-01-11T12:58:27.391199Z"}, {"uuid": "b30bde9f-a262-4280-9019-865ded3589b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48881", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs3y4jd52e", "content": "", "creation_timestamp": "2025-01-11T13:16:12.418812Z"}, {"uuid": "7931131e-bfe2-4dd7-bbf1-42374f751596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48885", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113837230346110730", "content": "", "creation_timestamp": "2025-01-16T09:04:45.873658Z"}, {"uuid": "dc1ccb6a-837f-4229-9cc0-67889b3e8e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48885", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lftwxtgaet2t", "content": "", "creation_timestamp": "2025-01-16T09:15:18.980094Z"}, {"uuid": "4239ecf3-fc49-4e6c-9531-40b00dc3d44b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48885", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lftykc67wr2g", "content": "", "creation_timestamp": "2025-01-16T09:43:32.272562Z"}, {"uuid": "3f061913-bd0d-4fc2-8142-4e9d63d8fe94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48886", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827591399176628", "content": "", "creation_timestamp": "2025-01-14T16:13:27.267953Z"}, {"uuid": "08ef37ef-a9a4-41d0-8ba9-016c37775456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48884", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827591384372685", "content": "", "creation_timestamp": "2025-01-14T16:13:27.174073Z"}, {"uuid": "7246db1a-1a0f-467c-92de-203c249eb311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-48883", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113822140412445257", "content": "", "creation_timestamp": "2025-01-13T17:07:12.195049Z"}, {"uuid": "2cfc5d15-cb80-4e49-bcc2-4d0408d40275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48884", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgwtir7r2r", "content": "", "creation_timestamp": "2025-01-14T14:17:46.674744Z"}, {"uuid": "dececd54-b40a-4604-8c55-3c0b4502d3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48884", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-06", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "7ab5dbaa-ffc5-4bd5-8ffe-0baa9663745d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48885", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-06", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "378691e5-56f2-40c1-be4f-6ffec4cd8a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lmczgcbtcy2e", "content": "", "creation_timestamp": "2025-04-08T17:40:17.584721Z"}, {"uuid": "9e983883-adf2-476a-aedf-32d469d4b6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lmd6dff3yw2i", "content": "", "creation_timestamp": "2025-04-08T19:08:09.896925Z"}, {"uuid": "d1693328-292f-4f06-b2db-8d1d875aa3d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114304071038029739", "content": "", "creation_timestamp": "2025-04-08T19:48:29.746197Z"}, {"uuid": "a9b07772-d0b7-4d8e-a04b-f949208a5eb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmdbno3iiz24", "content": "", "creation_timestamp": "2025-04-08T20:07:36.637504Z"}, {"uuid": "b18d08dd-6bc8-4d6f-b0d9-754416b026a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/cybersecurity.page/post/3lmdqzculqw2n", "content": "", "creation_timestamp": "2025-04-09T00:42:31.906758Z"}, {"uuid": "7415acec-2710-4611-834c-3d6501e8ec0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/censys.bsky.social/post/3lmhrimjtz22a", "content": "", "creation_timestamp": "2025-04-10T15:01:46.255937Z"}, {"uuid": "d44f0e97-8d29-4691-946e-b02f0f16ef98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lmido5h3ff2e", "content": "", "creation_timestamp": "2025-04-10T20:26:57.344880Z"}, {"uuid": "0cba233e-8fa5-4de9-b4f1-e22ca58aa39c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://thehackernews.com/2025/04/fortinet-urges-fortiswitch-upgrades-to.html", "content": "", "creation_timestamp": "2025-04-08T15:53:00.000000Z"}, {"uuid": "3e21c81e-463a-45ee-9d0d-1f5056a33d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3lmdu46bds22c", "content": "", "creation_timestamp": "2025-04-09T01:37:52.884053Z"}, {"uuid": "615ac0f3-a81f-424c-91ad-05aaa25c2baf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lmdygvdtys2l", "content": "", "creation_timestamp": "2025-04-09T02:55:23.409350Z"}, {"uuid": "f1c699ef-88a3-4bba-85a1-42de8512ec1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/nopfx.bsky.social/post/3lmeb4ibpzk25", "content": "", "creation_timestamp": "2025-04-09T05:30:26.219054Z"}, {"uuid": "9cbf06d2-5781-4c7e-9b43-869455217d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-f3243e93-f8fa0d6fab61a425", "content": "", "creation_timestamp": "2025-04-09T05:45:59.471163Z"}, {"uuid": "fdb267be-76e0-4d5d-8091-ae0d8c550dd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://infosec.exchange/users/mttaggart/statuses/114306608751039772", "content": "", "creation_timestamp": "2025-04-09T06:33:52.766325Z"}, {"uuid": "d0c9e90c-d9dc-4569-adc9-9233ff12c86d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/taggart-tech.com/post/3lmeenmjuhj24", "content": "", "creation_timestamp": "2025-04-09T06:33:54.523593Z"}, {"uuid": "4712cc91-f4de-4fce-954c-ae2fb2bb27bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lmggkjulyz2r", "content": "", "creation_timestamp": "2025-04-10T02:13:19.067779Z"}, {"uuid": "a1856256-1263-4e30-9b3c-7dab74ba473b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmij35jwgk2g", "content": "", "creation_timestamp": "2025-04-10T22:03:52.630660Z"}, {"uuid": "d8688805-ca6b-467f-95a5-86b2365fe5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lmiqytgnxs2c", "content": "", "creation_timestamp": "2025-04-11T00:25:39.546983Z"}, {"uuid": "c68e459a-af62-40aa-833b-a9037d3fbbb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/mbissey.bsky.social/post/3lmejqkxnel2i", "content": "", "creation_timestamp": "2025-04-09T08:05:02.330187Z"}, {"uuid": "1084559d-be9e-420c-ac8d-ca576de6f5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lmiwzn44vy2n", "content": "", "creation_timestamp": "2025-04-11T02:13:23.968824Z"}, {"uuid": "1ea6c461-217a-4fba-8a6d-6c402c5bff2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lmjl2op43c2x", "content": "", "creation_timestamp": "2025-04-11T08:11:54.095321Z"}, {"uuid": "8337801c-62fe-4f97-988b-d3146fa31d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmlygicdpc24", "content": "", "creation_timestamp": "2025-04-12T07:16:32.002044Z"}, {"uuid": "42480957-4bd2-4982-8e03-b27833d56147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114308125842124125", "content": "", "creation_timestamp": "2025-04-09T12:59:40.895105Z"}, {"uuid": "19b9781a-3f09-4021-9747-df6b34ab1c9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0113", "content": "", "creation_timestamp": "2025-04-09T04:49:51.000000Z"}, {"uuid": "b8147493-2417-4574-93ef-19fde30466be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lmfyttmkth2q", "content": "", "creation_timestamp": "2025-04-09T22:07:57.687855Z"}, {"uuid": "763a875c-b1e3-4d2a-a17e-0b7b9677843d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lmnyvqnhhj2r", "content": "", "creation_timestamp": "2025-04-13T02:30:19.616490Z"}, {"uuid": "fe5f81e2-acda-4bd5-acc1-e76fcc6ff5a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmm6tptd3224", "content": "", "creation_timestamp": "2025-04-12T09:11:18.143834Z"}, {"uuid": "1b975c78-3fa4-43c4-a09c-2a938f4dd526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmnniu4cv22q", "content": "", "creation_timestamp": "2025-04-12T23:06:18.631684Z"}, {"uuid": "b0304191-6906-45ea-8dad-dc075493d1cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lmhe4xwerd2q", "content": "", "creation_timestamp": "2025-04-10T11:02:35.452986Z"}, {"uuid": "e764856d-fe69-475c-91f3-7a7facc402e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3lmhepiqhw22v", "content": "", "creation_timestamp": "2025-04-10T11:13:01.980732Z"}, {"uuid": "74c2f1ac-230f-4fd5-9656-b0903281e245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmhlljuzsc2y", "content": "", "creation_timestamp": "2025-04-10T13:16:04.876942Z"}, {"uuid": "68f5f5bd-0bcf-4862-9bff-01c37304180f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmho2zmiys2y", "content": "", "creation_timestamp": "2025-04-10T14:00:28.098392Z"}, {"uuid": "e9c6b6f4-4d7d-4084-9993-3877c8d4668c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48882", "type": "seen", "source": "https://infosec.place/objects/2df34434-78cc-4187-a80f-695ff13a2744", "content": "", "creation_timestamp": "2025-12-01T15:30:28.516962Z"}, {"uuid": "ceb16fb9-d805-43fb-9ecb-1f2b22f652ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lmsyyq45fa2z", "content": "", "creation_timestamp": "2025-04-15T02:15:18.566544Z"}, {"uuid": "39de86c9-0fa4-462c-808c-cc0d9dbf7d77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:38.000000Z"}, {"uuid": "6171b4eb-4988-4952-b0c5-e18cad026c27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/mrtechking.bsky.social/post/3lmr2mnh4ig2o", "content": "", "creation_timestamp": "2025-04-14T07:39:01.393469Z"}, {"uuid": "c9f62635-d41a-4644-bbde-f8ceeca7cec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lmvjgvpaq32q", "content": "", "creation_timestamp": "2025-04-16T02:14:53.209425Z"}, {"uuid": "9f4e6f0c-2ca6-4050-82bd-fa656da5ade7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48883", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48883\n\ud83d\udd39 Description: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling message, resulting in an information leak of the UE.\n\ud83d\udccf Published: 2025-01-13T00:00:00\n\ud83d\udccf Modified: 2025-01-13T19:34:44.694Z\n\ud83d\udd17 References:\n1. https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n2. https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-48883/", "creation_timestamp": "2025-01-13T20:07:43.000000Z"}, {"uuid": "4e39602e-0c2b-415d-8b39-eb5b5c24d17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48881", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "be278776-6a7a-4858-ab85-f97d9c914dc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48885", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1934", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48885\n\ud83d\udd39 Description: A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.\n\ud83d\udccf Published: 2025-01-16T09:01:52.958Z\n\ud83d\udccf Modified: 2025-01-16T09:01:52.958Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-259", "creation_timestamp": "2025-01-16T09:55:38.000000Z"}, {"uuid": "1a12c651-946c-429c-b284-830dacc98aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "dfdc61fb-8869-456c-95d7-d4cc7ce11011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "exploited", "source": "https://t.me/ics_cert/1103", "content": "\u062a\u063a\u06cc\u06cc\u0631 \u0627\u0639\u062a\u0628\u0627\u0631 \u0628\u062f\u0648\u0646 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631: \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u062f\u0631 FortiSwitch\n\n\u26a0\ufe0f Fortinet \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc CVE-2024-48887 (CVSS 9.8) \u0631\u0627 \u062f\u0631 \u0633\u0648\u0626\u06cc\u0686 \u0647\u0627\u06cc \u0641\u0648\u0631\u062a\u06cc \u0633\u0648\u0626\u06cc\u0686 \u0631\u0641\u0639 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a . \u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644 \u0627\u0645\u06a9\u0627\u0646 \u062a\u063a\u06cc\u06cc\u0631 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0633\u0631\u067e\u0631\u0633\u062a \u0631\u0627 \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0648\u06cc\u0698\u0647 \u0628\u0647 \u0646\u0642\u0637\u0647 \u067e\u0627\u06cc\u0627\u0646\u06cc set_password \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u06a9\u0631\u062f. \u062d\u0645\u0644\u0647 \u0628\u0633\u06cc\u0627\u0631 \u0633\u0627\u062f\u0647 \u0627\u0633\u062a \u0648 \u0646\u06cc\u0627\u0632\u06cc \u0628\u0647 \u062a\u0639\u0627\u0645\u0644 \u06a9\u0627\u0631\u0628\u0631 \u0646\u062f\u0627\u0631\u062f.\n\n\ud83c\udf10 \u062a\u0645\u0627\u0645 \u0646\u0633\u062e\u0647 \u0647\u0627\u06cc FortiSwitch \u0627\u0632 6.4.0 \u062a\u0627 7.6.0 \u06a9\u0647 \u062f\u0631 \u0647\u0632\u0627\u0631\u0627\u0646 \u0634\u0628\u06a9\u0647 \u0634\u0631\u06a9\u062a\u06cc \u062f\u0631 \u0633\u0631\u0627\u0633\u0631 \u062c\u0647\u0627\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u0634\u0648\u062f\u060c \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0628\u0648\u062f\u0646\u062f. \u0627\u0635\u0644\u0627\u062d\u0627\u062a \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u062f\u0631 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc 6.4.15\u060c 7.0.11\u060c 7.2.9\u060c 7.4.5 \u0648 7.6.1 \u0645\u0648\u062c\u0648\u062f \u0627\u0633\u062a. \u06cc\u06a9 \u0631\u0627\u0647 \u062d\u0644 \u0645\u0648\u0642\u062a \u0628\u0631\u0627\u06cc \u06a9\u0633\u0627\u0646\u06cc \u06a9\u0647 \u0646\u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u0646\u062f\u060c \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc HTTP/HTTPS \u0628\u0647 \u0631\u0627\u0628\u0637 \u0627\u062f\u0627\u0631\u06cc \u0627\u0633\u062a.\n\n\ud83d\udd0e \u0645\u062d\u0635\u0648\u0644\u0627\u062a Fortinet \u0627\u0632 \u0627\u0648\u0627\u06cc\u0644 \u0633\u0627\u0644 2025 \u0647\u0645\u0686\u0646\u0627\u0646 \u0645\u0648\u0631\u062f \u062a\u0648\u062c\u0647 \u0647\u06a9\u0631\u0647\u0627 \u0642\u0631\u0627\u0631 \u062f\u0627\u0631\u0646\u062f. \u067e\u06cc\u0634 \u0627\u0632 \u0627\u06cc\u0646\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u06a9\u0634\u0641 \u0634\u062f\u0647 \u0628\u0648\u062f\u0646\u062f \u06a9\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0628\u0627\u062c\u200c\u0627\u0641\u0632\u0627\u0631 \u0648 \u0633\u0631\u0642\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u06a9\u0627\u0631\u0628\u0631\u06cc \u062f\u0631 \u0645\u0634\u062a\u0631\u06cc FortiClient VPN \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u062f.\n\n\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-11T20:35:40.000000Z"}, {"uuid": "f00fb312-fa3f-49dc-a615-449fd19eb0e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48884", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1616", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48884\n\ud83d\udd39 Description: A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12, FortiWeb 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.\n\ud83d\udccf Published: 2025-01-14T14:09:26.476Z\n\ud83d\udccf Modified: 2025-01-14T20:55:28.999Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-259", "creation_timestamp": "2025-01-14T21:11:33.000000Z"}, {"uuid": "0377e928-266d-4fcf-90a3-b28ab999a288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48886", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1622", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48886\n\ud83d\udd39 Description: A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.\n\ud83d\udccf Published: 2025-01-14T14:09:34.647Z\n\ud83d\udccf Modified: 2025-01-14T20:54:42.523Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-221", "creation_timestamp": "2025-01-14T21:11:55.000000Z"}, {"uuid": "5c1ed418-12da-4d51-894f-1dc18719e6fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/cvedetector/22488", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48887 - Fortinet FortiSwitch Unauthenticated Password Change Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48887 \nPublished : April 8, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : A  unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T19:51:40.000000Z"}, {"uuid": "a21b2bae-0322-4aee-858d-71894a5f9448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/cybersecplayground/166", "content": "\ud83d\udea8 Alert: CVE-2024-48887 \u2014 Fortinet FortiSwitch Critical Vulnerability \ud83d\udea8\n\nA password change vulnerability in the FortiSwitch GUI allows unauthorized modifications without verification.\n\n\ud83d\udd13 This opens the door for attackers to take over admin accounts and gain full control over network switches!\n\n\ud83d\udcca Affected Devices: Over 2.7K+ services are exposed on the internet yearly.\n\n\ud83d\udd0d Hunter Link\n\n\ud83d\udccc OSINT Queries:\n\nHunter: product.name=\"FortiSwitch\"\nFOFA: app=\"FortiSwitch\"\nShodan: http.title:\"FortiSwitch\"\n\n\ud83d\udcf0 References:\nFortinet Advisory\nSecurity Online Report\n\n\ud83d\udca1 Mitigation:\nUpdate FortiSwitch firmware immediately and restrict GUI access to trusted IPs.\n\n\ud83d\udd10 Stay sharp and stay updated with @cybersecplayground\n\n#Fortinet #FortiSwitch #infosec #OSINT #CVE #hunterhow #cybersecurity #Vulnerability #BugBounty #InfoSecurity #ZeroDay", "creation_timestamp": "2025-04-09T17:01:40.000000Z"}, {"uuid": "6342bdbb-55d9-4d88-b845-d085559e9a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/itsec_news/5763", "content": "\u200b\u26a1\ufe0fSet_password, \u0438 \u0432\u0443\u0430\u043b\u044f: FortiSwitch \u0441\u0430\u043c \u043e\u0442\u0434\u0430\u0451\u0442 \u043a\u043b\u044e\u0447\u0438\n\n\ud83d\udcac Fortinet \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 FortiSwitch, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u043c \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 FortiSwitch \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-48887 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8).\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u0438 \u0441\u043c\u0435\u043d\u0435 \u043f\u0430\u0440\u043e\u043b\u044f \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 FortiSwitch. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 endpoint set_password \u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0410\u0442\u0430\u043a\u0430 \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0451 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u2014 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432 \u043b\u044e\u0431\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u0433\u0434\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u043e\u0442\u043a\u0440\u044b\u0442.\n\n\u041f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432\u0435\u0440\u0441\u0438\u0438 FortiSwitch \u043e\u0442 6.4.0 \u0434\u043e 7.6.0. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0436\u0435 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 6.4.15, 7.0.11, 7.2.9, 7.4.5 \u0438 7.6.1. \u0422\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, Fortinet \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u2014 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c HTTP \u0438 HTTPS-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0441 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432.\n\n\u0422\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OS command injection \u0432 FortiIsolator (CVE-2024-54024) \u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 MitM-\u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice \u0438 FortiWeb (CVE-2024-26013 \u0438 CVE-2024-50565). \u0412\u0441\u0435 \u043e\u043d\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0431\u0435\u0437 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438.\n\nFortinet \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0446\u0435\u043b\u044c\u044e \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f. \u0412 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438 \u043d\u0430\u0431\u043e\u0440 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 DeepData \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 Zero-Day \u0432 Windows-\u043a\u043b\u0438\u0435\u043d\u0442\u0435 FortiClient VPN. \u0415\u0449\u0451 \u043e\u0434\u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u0430 \u2014 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0441 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-47575, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u043c\u044f FortiJump , \u2014 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0431\u043e\u043b\u0435\u0435 50 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 FortiManager.\n\n\u0421 \u043d\u0430\u0447\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u2014 CVE-2024-55591 \u0438 CVE-2025-24472 \u2014 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439. \u0412\u0441\u0435 \u044d\u0442\u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Fortinet \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0444\u043e\u043a\u0443\u0441\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0445\u043e\u0434\u044f\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nFortinet \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0440\u043e\u0441\u0442\u0430 \u0447\u0438\u0441\u043b\u0430 \u0430\u0442\u0430\u043a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-11T05:28:39.000000Z"}, {"uuid": "38068167-f0a3-4f39-aac7-55ace3c74efe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48889", "type": "seen", "source": "https://t.me/cvedetector/13202", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48889 - FortiManager OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48889 \nPublished : Dec. 18, 2024, 1:15 p.m. | 46\u00a0minutes ago \nDescription : An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiManager version 7.6.0, version 7.4.4 and below, version 7.2.7 and below, version 7.0.12 and below, version 6.4.14 and below and FortiManager Cloud version 7.4.4 and below, version 7.2.7 to 7.2.1, version 7.0.12 to 7.0.1 may allow an authenticated remote attacker to execute unauthorized code via FGFM crafted requests. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T15:22:11.000000Z"}, {"uuid": "46cabbe4-492c-4d8d-912e-7bda3850be58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48884", "type": "seen", "source": "https://t.me/cvedetector/15267", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48884 - Fortinet Path Traversal Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-48884 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12, FortiWeb 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:54.000000Z"}, {"uuid": "2f1df9a2-00f1-4de0-a670-8d240df388ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48886", "type": "seen", "source": "https://t.me/cvedetector/15261", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48886 - Fortinet FortiOS Remote Code Execution Weak Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48886 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack. \nSeverity: 9.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:46.000000Z"}, {"uuid": "10e35d90-4e5b-47cf-840f-a5645bb1af8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48883", "type": "seen", "source": "https://t.me/cvedetector/15163", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48883 - Samsung Exynos Uplink Scheduling Message Information Leak\", \n  \"Content\": \"CVE ID : CVE-2024-48883 \nPublished : Jan. 13, 2025, 5:15 p.m. | 20\u00a0minutes ago \nDescription : An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling message, resulting in an information leak of the UE. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T18:45:06.000000Z"}, {"uuid": "666ff2fd-1510-4ae6-80d6-5a873c5129dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48885", "type": "seen", "source": "https://t.me/cvedetector/15571", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48885 - Fortinet FortiRecorder, FortiWeb, FortiVoice Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48885 \nPublished : Jan. 16, 2025, 9:15 a.m. | 39\u00a0minutes ago \nDescription : A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T11:12:59.000000Z"}, {"uuid": "8858e063-6c78-4255-9eac-f5dcf8700317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/ton618cyber/3482", "content": "Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw\n\nFortinet patches CVE-2024-48887, a 9.3 CVSS FortiSwitch flaw, urging quick upgrades to avoid attacks.\n\nThe Hacker News | thehackernews.com \u2022 Apr 8, 2025", "creation_timestamp": "2025-04-09T05:36:18.000000Z"}, {"uuid": "05d9a452-adfb-4828-8a54-6b16afee1d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/ton618cyber/8777", "content": "Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw\n\nFortinet patches CVE-2024-48887, a 9.3 CVSS FortiSwitch flaw, urging quick upgrades to avoid attacks.\n\nThe Hacker News | thehackernews.com \u2022 Apr 8, 2025", "creation_timestamp": "2025-04-09T05:36:18.000000Z"}, {"uuid": "8d4e20a8-6fab-41d4-9ef8-f7846704dd12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48886", "type": "seen", "source": "Telegram/PqBZs4RzjDjuv_Nf_k8AJFliGhFBPbhFtPTPwz56U3kydqQr", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "2f797fdf-08db-431c-bdca-4672cd175904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48884", "type": "seen", "source": "Telegram/tYp7BHPUNuwUwrrte63MIplrbQhliypwaG9flapDqT5rCR6o", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "9c79fa68-add6-4e61-a8ec-2ecfa68914a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "Telegram/4IOCsGwytL8qMlRYLpc4m0lVdOckF3X-RbOoI1m0bMEQcQ", "content": "", "creation_timestamp": "2025-04-09T00:26:22.000000Z"}, {"uuid": "8ab1c0f3-a874-4bad-9e8a-5529764d39f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "published-proof-of-concept", "source": "Telegram/NpG85aq7tLrhk2BRDw3d-JYvHHf0NJAv_t6hPSlAsFpVKhc", "content": "", "creation_timestamp": "2025-04-10T05:00:10.000000Z"}, {"uuid": "85848df6-63eb-476b-8a85-cc66ac3c6d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "published-proof-of-concept", "source": "Telegram/R8EoyxEXRbLNSWTsyEt6N9qTL1rPI2Yd_uQ0MxwcMFQZ7gc", "content": "", "creation_timestamp": "2025-04-10T17:00:07.000000Z"}, {"uuid": "10134ac2-1559-4035-b555-e777074e0a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "Telegram/Q7X6Zj1gCQvmDMaj6p4weq-awM-rVul2bTyRkzlorLgefV0", "content": "", "creation_timestamp": "2025-04-09T20:47:06.000000Z"}, {"uuid": "afa5f593-c2bd-4a74-8b4a-054c71608473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/xakep_ru/17370", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 FortiSwitch \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Fortinet \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-48887 (9,3 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS) \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 FortiSwitch. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432.\n\nhttps://xakep.ru/2025/04/10/fortiswitch-critical-bug/", "creation_timestamp": "2025-04-10T21:02:54.000000Z"}, {"uuid": "9453ca2e-b364-4ad9-8869-762faf73a0b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "published-proof-of-concept", "source": "Telegram/3-ZHnGIziHQfiAv_nnRcq-K1CX5YmX9HY0dHsXamLuxzSs0", "content": "", "creation_timestamp": "2025-04-09T23:00:06.000000Z"}, {"uuid": "5ae4e253-fe51-43cf-9f8e-1f663e4276fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48889", "type": "seen", "source": "https://t.me/true_secator/6558", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0432 Wireless LAN Manager (FortiWLM), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\nCVE-2023-34990 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,6 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 NIST (NVD), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0435 /ems/cgi-bin/ezrf_lighttpd.cgi.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 FortiWLM \u0432\u0435\u0440\u0441\u0438\u0439 8.6.0\u20138.6.5 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 8.6.6 \u0438 \u0432\u044b\u0448\u0435) \u0438 8.5.0\u20138.5.4 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 8.5.5 \u0438 \u0432\u044b\u0448\u0435).\n\n\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f  \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Horizon3.ai \u0417\u0430\u043a\u0443 \u0425\u044d\u043d\u043b\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c, CVE-2023-34990 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0447\u0442\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Horizon3.ai \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430\u00a0\u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u0437 \u0448\u0435\u0441\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 FortiWLM.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u0430, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438 \u0438 \u0447\u0438\u0442\u0430\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2023-34990 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u0430 FortiWLM \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0441\u0435\u0430\u043d\u0441\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043b\u043e\u0433\u0438\u043d, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0435\u043c\u0443 \u0442\u0430\u043a\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0435 \u0442\u043e\u0447\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0432\u0435\u0431-\u0441\u0435\u0430\u043d\u0441\u043e\u0432 \u043d\u0435 \u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0430\u043d\u0441\u0430\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0447\u0442\u043e\u0431\u044b \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0438\u0445 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443.\n\n\u0418 \u044d\u0442\u043e \u0435\u0449\u0435 \u043d\u0435 \u0432\u0441\u0435.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c CVE-2023-34990 \u0441\u00a0CVE-2023-48782 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,8), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 FortiWLM 8.6.6 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 root.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0435\u0435 Fortinet \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 CVE-2024-48889 (CVSS: 7.2) \u0432 FortiManager, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 FGFM.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Fortinet \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f\u00a0\u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u043f\u0435\u0440\u0432\u043e\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u0435\u043c\u043b\u0435\u043d\u0438\u0439 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f, \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.", "creation_timestamp": "2024-12-19T14:06:21.000000Z"}, {"uuid": "9cac6e5a-6ed7-4732-968f-ae46ae757db8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/thehackernews/6632", "content": "\ud83d\udea8 Critical alert for Fortinet users! A 9.3 CVSS flaw (CVE-2024-48887) in FortiSwitch lets hackers remotely change admin passwords \u2014 no login needed.\n\n\ud83d\udd27 Fix it: Upgrade ASAP (7.6.1+, 7.4.5+, 7.2.9+, 7.0.11+, 6.4.15+)\n\n\u26a1 No exploits yet\u2014but Fortinet bugs have been weaponized before.\n\n\ud83d\udc49 Full details: https://thehackernews.com/2025/04/fortinet-urges-fortiswitch-upgrades-to.html", "creation_timestamp": "2025-04-08T19:57:59.000000Z"}, {"uuid": "00e88f20-6447-4443-8880-7e43b4f42337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/true_secator/6929", "content": "Fortinet \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 FortiSwitch.\n\n\u041e\u043d\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-48887 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,3.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043d\u0435\u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0441\u043c\u0435\u043d\u044b \u043f\u0430\u0440\u043e\u043b\u044f \u0432 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f FortiSwitch \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 HTTP/HTTPS \u0438\u0437 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u0432 \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0447\u0438\u0441\u043b\u0430 \u0445\u043e\u0441\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0434\u043e\u043b\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 FortiSwitch 6.4 - 7.6 \u0438 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0439 6.4.15, 7.0.11, 7.2.9, 7.4.5 \u0438 7.6.1.\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-26013 \u0438 CVE-2024-50565, \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 MitM.\n\n\u041f\u043e \u0444\u0430\u043a\u0442\u0443 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 FGFM \u043c\u0435\u0436\u0434\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u043c\u0438 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u043c\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u0438 \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e (\u0441\u0435\u0440\u0432\u0435\u0440 FortiCloud \u0438\u043b\u0438 FortiManager).\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u043a\u0430\u043d\u0430\u043b\u0430 \u0441\u0432\u044f\u0437\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u044b\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice \u0438 FortiWeb.\n\nFortinet \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u0437\u0430\u043a\u0440\u044b\u0442\u0438\u0438 CVE-2024-54024 - \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421 \u0432 FortiIsolator, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a CLI \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u041f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u0447\u0435\u0442\u044b\u0440\u044b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421 \u0432 FortiIsolator, \u043e\u0448\u0438\u0431\u043a\u0443 \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 FortiManager  \u0438 FortiAnalyzer, \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043d\u0430 \u043f\u0430\u043d\u0435\u043b\u0438 \u0432\u0438\u0434\u0436\u0435\u0442\u043e\u0432 FortiWeb  \u0438 \u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438 \u0432 FortiWeb.\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 FortiOS, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0432\u0432\u043e\u0434\u0430 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u0432 FortiClient (\u043e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u043c\u0435\u044e\u0442 \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438).\n\nFortinet \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044f \u0432\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043e\u0441\u043e\u0431\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f - \u0432 \u0440\u0430\u0437\u0434\u0435\u043b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 PSIRT\u00a0Fortinet.", "creation_timestamp": "2025-04-09T19:40:44.000000Z"}, {"uuid": "cf90e194-0ef4-476c-beb4-fe8bb81692de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48887", "type": "seen", "source": "https://t.me/sysodmins/25422", "content": "\ud83d\udd25 FortiSwitch \u0432 \u043e\u0433\u043d\u0435: \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u043e\u0433\u0443\u0442 \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-48887 (9.3/10 CVSS) \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u0442\u044b\u0441\u044f\u0447\u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439. Fortinet \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447\u0438, \u043d\u043e 864 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432\u0441\u0451 \u0435\u0449\u0451 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435.  \n\n\u2014 \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 GUI, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0437\u0430\u043f\u0440\u043e\u0441 set_password.  \n\u2014 \u041d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.  \n\u2014 \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0435\u0440\u0441\u0438\u0438 FortiSwitch 6.4.0 \u2014 7.6.0.  \n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2025-04-11T01:01:12.000000Z"}]}