# CVE-2024-47575

> A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.

- **CVSS:** 9.8 (CRITICAL)
- **EPSS:** 93.8%
- **CISA KEV:** yes
- **CWE:** CWE-306

Canonical: https://intel.threadlinqs.com/cve/CVE-2024-47575
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp