Created on 01-15-2025 05:10 AM Edited on 01-16-2025 12:08 AM By Jean-Philippe_P
Description
This article provides some information about the currently detected vulnerability and fixes available.
Scope
FortiGate.
Solution
See the FortiGuard page for information about CVE-2024-55591.
The fix suggested is to upgrade to FortiOS 7.0.17, see v7.0.17 Release Notes.
This firmware has been released already for most hardware models and contains the fix for this vulnerability.
If a device does not show v7.0.17 as available, download the firmware image from support site or update the device's known firmware images manually.
Some G series units such as FortiGate 50G and FortiGate Rugged 70G have no v7.0.17 build available as of January 15, 2025. The request has been submitted and there may be a fix available shortly. In the meantime, implement the suggested workarounds in the above FortiGuard link. FortiGate 90G/91G has the fix available and an upgrade is recommended.
FortiGate 200E/201E firmware was reported not available through the support site earlier but was verified available as of January 15 2025 1:30 PM Eastern Time.