CVE-2024-50562

MEDIUM

Fortinet FortiSASE < 7.2.11 - Insufficient Session Expiration

Title source: rule

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-50562. PoCs published by Shahid Hakim, Shahid-BugB.

AI-analyzed exploit summary: This exploit demonstrates CVE-2024-50562, an insufficient session expiration vulnerability in FortiOS SSL-VPN. It authenticates, logs out, and tests if stale session cookies remain valid, confirming the vulnerability.

Description

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out.

Exploits (2)

exploitdb WORKING POC
by Shahid Hakim · python · remote · multiple
https://www.exploit-db.com/exploits/52336

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: FortiOS SSL-VPN 7.6.0, 7.4.0-7.4.7, 7.2.0-7.2.10, 7.0.x, 6.4.x
Auth required
Prerequisites: valid credentials for the target FortiOS SSL-VPN · network access to the target
devstral-2 · analyzed Feb 16, 2026

nomisec SCANNER
by Shahid-BugB · poc
https://github.com/Shahid-BugB/fortinet-cve-2024-50562

This repository contains a Python-based scanner for CVE-2024-50562, an Insufficient Session Expiration vulnerability in Fortinet SSL-VPN. The tool validates whether session cookies are properly invalidated after logout by replaying captured cookies.

Classification: Scanner 100%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Fortinet FortiOS SSL-VPN (versions 7.6.0, 7.4.0-7.4.7, 7.2.0-7.2.10, 7.0, 6.4, FortiSASE 24.4.b)
Auth required
Prerequisites: Valid SSL-VPN credentials · Network access to the FortiGate SSL-VPN portal
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 4.8
EPSS 0.0108
EPSS Percentile 60.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE CWE-613
Status published
Products (19)
fortinet/fortios 7.6.0
Fortinet/FortiOS 6.4.0 - 6.4.16
fortinet/fortios 6.4.0 - 7.2.11
Fortinet/FortiOS 7.0.0 - 7.0.17
Fortinet/FortiOS 7.2.0 - 7.2.10
Fortinet/FortiOS 7.4.0 - 7.4.4
Fortinet/FortiOS 7.4.6
Fortinet/FortiOS 7.6.0
Fortinet/FortiPAM 1.0.0 - 1.0.3
Fortinet/FortiPAM 1.1.0 - 1.1.2
... and 9 more
Published Jun 10, 2025
Tracked Since Feb 18, 2026