CVE-2024-55599 MEDIUM

CVE-2024-55599

Vendor Fortinet
Product FortiOS
Weakness CWE-358
Published July 8, 2025
Last update June 9, 2026

CVSS base score

4.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:X/RC:X

What the vulnerability does

01Description

An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices.

Key dates

02Disclosure timeline

July 8, 2025 CVE published
June 9, 2026 Record updated