Fortinet Releases Security Updates to Fix Critical Vulnerability in FortiSwitch

Fortinet has released security updates to address a critical vulnerability affecting FortiSwitch, which allows an attacker to modify passwords without authorization. The vulnerability, listed under the number CVE-2024-48887, has a CVSS score of 9.3 out of 10. This flaw, classified as an unverified password change vulnerability (CWE-620) in the FortiSwitch graphical interface, could allow a remote, unauthenticated attacker to modify administrative passwords.