CVE-2024-55591

ENISA EUVD: EUVD-2024-52819 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 9 articles Published: 2025-01-14

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.16%

probability

This CVE has a 94.16% probability of being exploited in the next 30 days.

0% Top 99.9th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

9.6

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

High

Remediation Level

Workaround

Report Confidence

Confirmed

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C

Description

VulnerabilityLookup (CNA)

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Affected Products

Fortinet

FortiOS

7.0.0

Fortinet

FortiProxy

7.2.0 7.0.0

fortinet

fortiproxy

fortinet

fortios

Fortinet

FortiOS

7.0.0 ≤7.0.16

Fortinet

FortiProxy

7.2.0 ≤7.2.12

Fortinet

FortiProxy

7.0.0 ≤7.0.19

Attack Intelligence

CWE-284 · Improper Access Control CWE-287 · Improper Authentication CWE-288 · Authentication Bypass by Alternate Path/Channel CWE-306 · Missing Authentication

Exploits & PoC

watchtowrlabs/fortios-auth-bypass-poc-CVE-2024-55591

77 2025-01-27

watchtowrlabs/fortios-auth-bypass-check-CVE-2024-55591

66 2025-01-16

sysirq/fortios-auth-bypass-poc-CVE-2024-55591

26 2025-01-23

exfil0/CVE-2024-55591-POC

A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591

11 2025-05-26

virus-or-not/CVE-2024-55591

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy may allow a remote attacker to ga

8 2025-01-29

sysirq/fortios-auth-bypass-exploit-CVE-2024-55591

3 2025-01-23

UMChacker/CVE-2024-55591-POC

2 2025-05-26

0x7556/CVE-2024-55591

0 2025-04-25

8 repos — triés par ⭐ Rechercher sur GitHub ↗

https://fortiguard.fortinet.com/psirt/FG-IR-24-535

Signal Intelligence

Confidenceⓘ

85%

EPSS 94.16%

CVSS v3.1 9.6

Mentions 9

Last Seen Apr 06, 2026

CNA Information

CNA Assigner

fortinet

Analyst Note

CVE-2024-55591 is explicitly described as a 'zero-day exploited to hijack firewalls' by Fortinet and BleepingComputer. The vulnerability affects FortiOS/FortiProxy with a critical CVSS of 9.6, was publicly disclosed on 2025-01-14 with a patch, and multiple sources confirm active exploitation in the wild preceding or concurrent with patch availability. No contradictory evidence of prior patching exists.