PT-2024-4213 · Fortinet · FortiProxy +1

Published 2024-06-11 · Updated 2025-01-31 · CVE-2024-5559

CVSS v3.1: 6.8 Medium

Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Fortinet FortiOS and FortiProxy versions are affected, but specific versions are not provided in the highest-priority sources.

Description

A cryptographic algorithm issue exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device. Nearly 45,000 vulnerable hosts are reported as of January 27, 2025, highlighting the widespread risk posed by this issue.

Recommendations

The specific affected versions of Fortinet FortiOS and FortiProxy are not provided, so the recommendation cannot be tailored to each version. Users of Fortinet FortiOS and FortiProxy should apply the patch released by Fortinet that fixes the cryptographic algorithm issue as soon as possible to mitigate the risk.

Fix

Use of a Broken Cryptographic Algorithm

Weakness Enumeration

Related Identifiers

BDU:2024-04699
CVE-2024-5559

Affected Products

FortiOS
FortiProxy