CVE-2024-55591CISA KEVEPSS p99.9%

CVE-2024-55591Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

Fortinet / FortiOS and FortiProxy

Description

Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Scoring

EPSS98.24% probability of exploitation · percentile 99.9% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2025-01-14

(incoming)1

TypeTargetConfidenceTier
KEVEntryFortinet FortiOS and FortiProxy Authentication Bypass Vulnerabilitykev-cve-2024-555910%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2022-40684
CVE
Fortinet FortiClient EMS Improper Access Control Vulnerability
CVE
Fortinet FortiManager Missing Authentication Vulnerability
CVE
Fortinet FortiWeb Path Traversal Vulnerability
CVE
CVE-2025-22256
CVE
CVE-2025-52970
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.