Fortinet released patches for 10 vulnerabilities on Tuesday, including a critical bug in FortiSwitch (CVE-2024-48887, CVSS 9.3) that allows remote attackers to change admin passwords. High-severity flaws were also fixed in FortiOS and other products, including MitM risks (CVE-2024-26013, CVE-2024-50565) and an OS command injection in FortiIsolator. Fortinet urges users to update immediately, though no active exploitation has been reported.

‍