CVE-2024-41914

Summary

CVE-2024-41914 is a newly disclosed vulnerability affecting the web-based management interface of Fortinet's EdgeConnect SD-WAN Orchestrator. This issue grants authenticated remote attackers the capability to execute stored cross-site scripting (XSS) attacks against administrative users of the interface. By exploiting this vulnerability, attackers can inject and run malicious scripts in the victim's browser, potentially gaining unauthorized access to sensitive information or taking control of the affected system. It is essential for organizations using this product to apply the appropriate security patches promptly to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.