A recently disclosed authentication bypass vulnerability, identified as CVE-2024-55591, has been found in Fortinet's FortiOS and FortiProxy systems, allowing remote attackers to gain super-admin privileges by exploiting the Node.js WebSocket module. This zero-day vulnerability enables attackers to create unauthorized admin or local user accounts on compromised devices, which are then integrated into SSL VPN user groups. Rated as critical with a CVSSv3 score of 9.6, the vulnerability has been actively exploited in the wild, prompting Fortinet to release security patches for affected versions. It is recommended that users apply these patches immediately, restrict management interface access, and monitor for indicators of compromise, while the Coralogix team has incorporated these indicators into their threat intel feed to enhance real-time detection and monitoring.