VDB
CVE-2024-46665
CVE-2024-46665
PUBLISHED
Es besteht eine Schwachstelle in Fortinet FortiOS. Die Schwachstelle besteht aufgrund der Einfügung von sensiblen Informationen in übertragene Daten. Ein entfernter, anonymer Angreifer in einer Man-in-the-Middle-Position kann diese Schwachstelle ausnutzen, um das gemeinsame Geheimnis des RADIUS-Accounting-Servers offenzulegen, indem er Accounting-Anfragen abfängt.
EPSS 0.65% · 71.3th percentile
Risk Scores
EPSS Score
0.65%
71.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | Fortinet FortiOS |
Exploit Intelligence
Timeline
- Jan 14, 2025 CVE Published
- Jan 14, 2025 CVE Updated
- Jan 15, 2025 EPSS Score
- Jan 31, 2025 EPSS Score
- Jan 31, 2025 Coalition ESS Score
- Feb 15, 2025 EPSS Score
- Mar 3, 2025 EPSS Score
- Mar 18, 2025 EPSS Score
- Apr 3, 2025 EPSS Score
- Apr 18, 2025 EPSS Score
- Apr 28, 2025 PoC Published
- May 4, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0088.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0088 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-473 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-326 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-250 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-219 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-267 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-266 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-407 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-293 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-373 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-282 advisory