FortiNDR is a Network Detection and Response solution developed by Fortinet. It uses artificial intelligence and machine learning to detect and respond to advanced threats and anomalies in network traffic. FortiNDR provides real-time threat intelligence, automated incident response, and forensic analysis capabilities to help organizations improve their security posture.

FortiNDR

An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-32756	CRITICAL	9.8	Fortimail	cpe:2.3:a:fortinet:fortimail	Yes	Yes	May 13, 2025
CVE-2023-33302	HIGH	8.8	Fortimail	cpe:2.3:a:fortinet:fortimail	No	Yes	Mar 31, 2025
CVE-2024-47573	MEDIUM	6.5	FortiNDR	cpe:2.3:a:fortinet:fortindr	No	Yes	Mar 14, 2025
CVE-2024-40588	MEDIUM	4.4	Fortimail	cpe:2.3:a:fortinet:fortimail	No	Yes	Aug 12, 2025
CVE-2024-47569	MEDIUM	4.3	FortiOS	cpe:2.3:a:fortinet:fortiweb	No	Yes	Oct 14, 2025

CVE-2024-47573:
FortiNDR vulnerability analysis and mitigation

6.5

Related FortiNDR vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2024-47573: FortiNDR vulnerability analysis and mitigation