CVE-2024-32123: 
Fortinet FortiManager vulnerability analysis and mitigation

Multiple improper neutralization of special elements used in an OS command (OS Command Injection) vulnerabilities were discovered in FortiManager CLI and FortiAnalyzer products. The vulnerability, identified as CVE-2024-32123, was discovered internally by Fortinet's Product Security team and disclosed on March 11, 2025. The vulnerability affects multiple versions of FortiManager (from 4.3.4 through 7.4.3) and FortiAnalyzer (versions 6.2 through 7.4.3) products (Fortiguard PSIRT).

The vulnerability is classified as a Command Injection vulnerability (CWE-78) that exists in the CLI interface of affected products. It received a CVSSv3.1 Base Score of 6.7 (Medium severity) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. The vulnerability requires local access and high privileges to exploit, but could result in high impacts to confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests. The impact could be significant as it potentially enables command execution in the context of the affected service account, which could lead to system compromise (Fortiguard PSIRT).

Fortinet has released patches for affected versions. For FortiManager 7.4, users should upgrade to version 7.4.4 or above. For FortiManager 7.2, upgrade to version 7.2.6 or above. Users of FortiManager versions 7.0 and earlier should migrate to a fixed release. Similar upgrade paths are available for FortiAnalyzer products. FortiAnalyzer 7.4 users should upgrade to version 7.4.4 or above, and 7.2 users should upgrade to version 7.2.6 or above (Fortiguard PSIRT).