Main Vulnerability Database Vulnerabilities #VU117130

#VU117130 Improper Check or Handling of Exceptional Conditions in Fortinet, Inc products - CVE-2024-26008

Published: October 14, 2025

Vulnerability identifier: #VU117130

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2024-26008

CWE-ID: CWE-703

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
FortiOS
FortiPAM
FortiProxy
FortiSwitch Manager

Software vendor:
Fortinet, Inc

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper check or handling of exceptional conditions of the connection. An unauthenticated attacker can repeatedly reset the fgfm connection via crafted SSL encrypted TCP requests.

Remediation

Install update from vendor's website.

External links

https://www.fortiguard.com/psirt/FG-IR-24-041

#VU117130 Improper Check or Handling of Exceptional Conditions in Fortinet, Inc products - CVE-2024-26008

Description

Remediation

External links

Please verify you're human