CVE-2024-55599

CVE Database · CVE-2024-55599

CVE-2024-55599

· MEDIUMAnalyzed

CVSS v3.1

5.3

EPSS

0.34%

Published

Jul 8, 2025

Modified

Jul 22, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-358

Affected Products (6)

fortinet · fortiproxy (up to 7.4.9)vulnerable

fortinet · fortiproxy (up to 7.6.2)vulnerable

fortinet · fortisasevulnerable

fortinet · fortios (up to 7.2.11)vulnerable

fortinet · fortios (up to 7.4.8)vulnerable

fortinet · fortiosvulnerable

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-24-053

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs