CVE-2024-45331: 
Fortinet FortiManager vulnerability analysis and mitigation

A privilege escalation vulnerability (CVE-2024-45331) was discovered in Fortinet FortiAnalyzer and FortiManager products. The vulnerability affects multiple versions of FortiAnalyzer (6.4.0-6.4.15, 7.0.0-7.0.13, 7.2.0-7.2.5, 7.4.0-7.4.3), FortiManager (6.4.0-6.4.15, 7.0.0-7.0.13, 7.2.0-7.2.5, 7.4.0-7.4.2), and their cloud versions. The vulnerability was internally discovered and reported by Gwendal Guégniaud of Fortinet Product Security Team, with initial disclosure on January 14, 2025 (Fortinet Advisory).

The vulnerability is classified as an incorrect privilege assignment (CWE-266) that allows attackers to escalate privileges via specific shell commands. The vulnerability has received a CVSS v3.1 base score of 7.8 (High) from NIST with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements, low attack complexity, and high impact on confidentiality, integrity, and availability (NVD).

The vulnerability can lead to privilege escalation, potentially allowing attackers with local access to gain elevated privileges in the affected systems. This could result in complete compromise of system confidentiality, integrity, and availability (NVD).

Fortinet has released patches for affected versions. Users are advised to upgrade FortiAnalyzer 7.4.x to version 7.4.4 or above, 7.2.x to version 7.2.6 or above, and migrate from all versions of 7.0.x and 6.4.x to a fixed release. For FortiManager, similar upgrade paths are recommended: 7.4.x to version 7.4.4 or above, 7.2.x to version 7.2.6 or above, and migration from 7.0.x and 6.4.x versions. Cloud versions have corresponding upgrade paths (Fortinet Advisory).