CVE-2019-5591 – Fortinet / FortiOS – Missing authentication for critical function

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

CVE-2019-5591 is a missing authentication for critical function vulnerability impacting Fortinet FortiOS versions 6.2.0 and earlier. A proof of concept (PoC) was not observed publicly or in the underground. Security researchers at the Cybersecurity and Infrastructure Security Agency (CISA) and other organisations claimed the vulnerability was actively exploited in the wild to compromise unpatched systems.

PoC Links(if available):

CISA: Top Routinely Exploited Vulnerabilities –
https://us-cert.cisa.gov/ncas/alerts/aa21-209a

Known Counter Measures:

Fortinet addressed the vulnerability in a security advisory with an updated version.

Links to patches(if available)

https://www.fortiguard.com/psirt/FG-IR-19-037

Available for Amazon Prime