Improper Validation of firmware Integrity Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-23-461 Final 1 1 2025-01-14T00:00:00 Current version 2025-01-14T00:00:00 2025-01-14T00:00:00 An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image. None Denial of service None Internally discovered and reported by Dipanjan Das from FortiGuard Research team. FortiNDR 7.4.2 FortiNDR 7.4.1 FortiNDR 7.4.0 FortiNDR 7.2.1 FortiNDR 7.2.0 FortiNDR 7.1.1 FortiNDR 7.1.0 FortiNDR 7.0.7 FortiNDR 7.0.6 FortiNDR 7.0.5 FortiNDR 7.0.4 FortiNDR 7.0.3 FortiNDR 7.0.2 FortiNDR 7.0.1 FortiNDR 7.0.0 CVE-2024-47573 FortiNDR-7.4.2 FortiNDR-7.4.1 FortiNDR-7.4.0 FortiNDR-7.2.1 FortiNDR-7.2.0 FortiNDR-7.1.1 FortiNDR-7.1.0 FortiNDR-7.0.7 FortiNDR-7.0.6 FortiNDR-7.0.5 FortiNDR-7.0.4 FortiNDR-7.0.3 FortiNDR-7.0.2 FortiNDR-7.0.1 FortiNDR-7.0.0 6.0 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-23-461 Improper Validation of firmware Integrity Reference>