VYPR
Unrated severityNVD Advisory· Published Jun 10, 2025· Updated Jun 10, 2025

CVE-2024-50568

CVE-2024-50568

Description

A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specific data to spoof the identity of a downstream device of the security fabric via crafted TCP requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Fortinet/Fortiosv52 versions
    cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*range: 7.4.0
    • (no CPE)range: >=7.0.0 <7.0.14; >=7.2.0 <=7.2.7; >=7.4.0 <=7.4.3
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    >=7.0.0 <7.0.16; >=7.2.0 <=7.2.9; >=7.4.0 <=7.4.3+ 1 more
    • (no CPE)range: >=7.0.0 <7.0.16; >=7.2.0 <=7.2.9; >=7.4.0 <=7.4.3
    • (no CPE)range: 7.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.