Emerging Threat: Fortinet CVE-2024-55591

By Emma Zaballos
Product Marketing Manager
January 16, 2025

What is CVE-2024-55591? 

On January 14, 2025, Fortinet disclosed a new critical (CVSS 9.6) authentication bypass vulnerability affecting FortiOS and FortiProxy. This vulnerability, CVE-2024-55591, allows unauthenticated remote attackers to target the Node.js WebSocket module of the administrative interface and potentially gain super-admin privileges. 

What assets are affected by CVE-2024-55591? 

The following assets are affected by CVE-2024-55591: 

  • FortiOS version 7.0.0 through 7.0.16 
  • FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12

The following assets are NOT affected by CVE-2024-55591:

  • FortiOS 7.2 through 7.6
  • FortiOS 6.4
  • FortiProxy 7.4 through 7.6
  • FortiProxy 2.0
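
To apply the two lists above to an asset inventory, the following added example (not code from CyCognito or Fortinet) classifies each device by product and version string. The hostnames and version strings are constructed, and the status labels, including `above_range` for a release in an affected branch that is newer than the last affected version, are this example's own.

```python
import re

# (product, first affected, last affected), copied from the affected list above.
AFFECTED = [
    ("fortios", (7, 0, 0), (7, 0, 16)),
    ("fortiproxy", (7, 0, 0), (7, 0, 19)),
    ("fortiproxy", (7, 2, 0), (7, 2, 12)),
]
# (product, first branch, last branch), copied from the NOT affected list above.
NOT_AFFECTED = [
    ("fortios", (7, 2), (7, 6)),
    ("fortios", (6, 4), (6, 4)),
    ("fortiproxy", (7, 4), (7, 6)),
    ("fortiproxy", (2, 0), (2, 0)),
]
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

def classify(product, version_text):
    """Return affected, above_range, not_affected, unlisted or unparsed."""
    match = VERSION_RE.search(version_text)
    if not match:
        return "unparsed"  # no x.y.z found: check the device by hand
    ver = tuple(int(part) for part in match.groups())
    name = product.strip().lower()
    for prod, low, high in AFFECTED:
        if prod == name and ver[:2] == low[:2]:
            # Same branch as an affected range: inside it or past its end.
            return "affected" if low <= ver <= high else "above_range"
    for prod, low, high in NOT_AFFECTED:
        if prod == name and low <= ver[:2] <= high:
            return "not_affected"
    return "unlisted"  # branch appears on neither list

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("fw-edge-01", "FortiOS", "v7.0.14 build0601"),
    ("fw-edge-02", "FortiOS", "7.0.17"),
    ("fw-dc-01", "FortiOS", "7.4.5"),
    ("proxy-01", "FortiProxy", "7.2.12"),
    ("proxy-02", "FortiProxy", "7.0.20"),
    ("fw-lab-01", "FortiOS", "6.2.9"),
    ("fw-old-01", "FortiOS", "unknown"),
]

def triage(inventory):
    """Group hostnames by classification so affected devices can be patched first."""
    result = {}
    for host, product, version_text in inventory:
        result.setdefault(classify(product, version_text), []).append(host)
    return result
```

Devices that come back `unlisted` or `unparsed` are not covered by either list and need a manual check against the vendor advisory.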

Are fixes available? 

Fortinet has released patches for all affected versions and recommends upgrading vulnerable assets as soon as possible. 

  • FortiOS version 7.0.0 through 7.0.16: upgrade to 7.0.17 or above
  • FortiProxy version 7.0.0 through 7.0.19: upgrade to 7.2.13 or above
  • FortiProxy version 7.2.0 through 7.2.12: upgrade to 7.0.20 or above

Are there any other recommended actions to take? 

If patching is not feasible, Fortinet recommends restricting access to the administrative interface. Organizations can either disable the HTTP/HTTPS administrative interface entirely or use local-in policies to limit IP addresses that can access the administrative interface.

Fortinet has also provided Indicators of Compromise (IoCs) in their vendor advisory.

Is CVE-2024-55591 being actively exploited? 

Researchers at Arctic Wolf reported on January 10th, 2025 that this vulnerability may have been actively exploited in the wild since November 2024 as part of a larger campaign targeting exposed FortiGate firewall devices. As of January 15th, there is no public proof of concept available for CVE-2024-55591. 

How is CyCognito helping customers identify assets vulnerable to CVE-2024-55591? 

CyCognito customers can review potentially affected assets within the platform to identify whether any assets are running these services with default HTTP/HTTPS ports (tcp/443, tcp/80). Users also have access to an emerging threat advisory within the CyCognito platform. 

Figure 1: The alert sent by CyCognito for CVE-2024-55591

It’s worth noting that this comes on the heels of other serious vulnerabilities affecting FortiOS products. For more information about those vulnerabilities and CyCognito’s response, check out our blog posts covering CVE-2024-23113 and CVE-2024-47575.

How can CyCognito help your organization? 

CyCognito is an exposure management platform that reduces risk by discovering, testing and prioritizing security issues. The platform scans billions of websites, cloud applications and APIs and uses advanced AI to identify the most critical risks and guide remediation. Emerging companies, government agencies and Fortune 500 organizations rely on CyCognito to secure and protect from growing threats. Want to see how it works? Check out our website and explore our platform with a self-guided, interactive dashboard product tour. To learn how CyCognito can help you understand your external attack surface and exposed risks, please visit our Contact Us page to schedule a demo.

