CVE-2024-47575: FortiManager Unauthenticated RCE (FortiJump)

Severity: 9.8 CRITICAL
Published: 2024-10-23
Affected: FortiManager 7.x, 6.x multiple versions
CWE: CWE-306

What is FortiJump?

FortiJump is a missing authentication vulnerability in FortiManager's FGFM (FortiGate to FortiManager) daemon. An unauthenticated attacker can execute arbitrary code and commands via specially crafted requests. Researchers dubbed the flaw "FortiJump".

Impact & Exploitation

The vulnerability has been exploited as a zero-day since June 2024, and over 50 organizations were compromised before disclosure. Successful exploitation enables complete control of FortiManager and all managed FortiGate firewalls.

How Precogs AI Detects FortiManager Unauthenticated RCE (FortiJump)

Precogs AI Binary SAST analyzes FortiManager firmware for missing authentication in management protocols, detecting vulnerabilities in network management infrastructure.

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.