CVE-2024-52963: Denial of service in Fortinet FortiProxy
CVE-2024-52963 is a low-severity denial of service vulnerability in Fortinet FortiProxy caused by an out-of-bounds write. It affects multiple FortiOS versions including 7. 6. 0, 7. 4. 0 through 7. 4. 6, 7. 2. 0 through 7.
AI Analysis
Technical Summary
An out-of-bounds write vulnerability exists in Fortinet FortiProxy within specified FortiOS versions. This flaw allows an unauthenticated attacker to cause a denial of service by sending specially crafted packets. The vulnerability has a CVSS 3.1 base score of 3.5, indicating low severity, with network attack vector, high attack complexity, no privileges required, and no user interaction needed. The vendor has assigned a remediation level of workaround, indicating no official patch is currently available but mitigations may exist.
Potential Impact
Successful exploitation results in denial of service (DoS) affecting availability of FortiProxy services. There is no impact on confidentiality or integrity. No known exploits have been observed in the wild.
Mitigation Recommendations
The vendor has not released an official patch but has assigned a remediation level of workaround. Users should consult Fortinet advisories for recommended workarounds. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance.
CVE-2024-52963: Denial of service in Fortinet FortiProxy
Description
CVE-2024-52963 is a low-severity denial of service vulnerability in Fortinet FortiProxy caused by an out-of-bounds write. It affects multiple FortiOS versions including 7. 6. 0, 7. 4. 0 through 7. 4. 6, 7. 2. 0 through 7.
CVSS v3.1
Score 3.5low
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
An out-of-bounds write vulnerability exists in Fortinet FortiProxy within specified FortiOS versions. This flaw allows an unauthenticated attacker to cause a denial of service by sending specially crafted packets. The vulnerability has a CVSS 3.1 base score of 3.5, indicating low severity, with network attack vector, high attack complexity, no privileges required, and no user interaction needed. The vendor has assigned a remediation level of workaround, indicating no official patch is currently available but mitigations may exist.
Potential Impact
Successful exploitation results in denial of service (DoS) affecting availability of FortiProxy services. There is no impact on confidentiality or integrity. No known exploits have been observed in the wild.
Mitigation Recommendations
The vendor has not released an official patch but has assigned a remediation level of workaround. Users should consult Fortinet advisories for recommended workarounds. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- fortinet
- Date Reserved
- 2024-11-18T13:36:52.465Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- workaround
Threat ID: 6a27e6ae8dd33fbd8514ca51
Added to database: 6/9/2026, 10:10:54 AM
Last enriched: 6/9/2026, 10:56:20 AM
Last updated: 6/9/2026, 11:39:12 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.