Critical Fortinet FortiOS bug CVE-2024-21762 probably impacts 150,000 internet-facing devices
Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS may probably impact 150,000 exposed devices.
In February, Fortinet warned that the critical remote code execution vulnerability CVE-2024-21762 (CVSS score 9.6) in FortiOS SSL VPN was actively exploited in attacks in the wild.
The security firm did not provide details about the attacks exploiting this vulnerability.
The issue is an out-of-bounds write vulnerability that can be exploited by sending specially crafted HTTP requests to vulnerable instances. The vendor recommends disabling SSL VPN as a workaround.
“An out-of-bounds write vulnerability [CWE-787] in FortiOS could permit a remote unauthenticated attacker to execute arbitrary code or command through specially crafted HTTP requests.” reads the advisory.
“Workaround : disable SSL VPN (disable webmode is NOT a legitimate workaround). Note: This is probably being exploited in the wild.”
The following table lists the impacted versions and the available versions that resolve the problem.
Version | Affected | Solution |
---|---|---|
FortiOS 7.6 | Not affected | Not Applicable |
FortiOS 7.4 | 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
FortiOS 7.2 | 7.2.0 through 7.2.6 | Upgrade to 7.2.7 or above |
FortiOS 7.0 | 7.0.0 through 7.0.13 | Upgrade to 7.0.14 or above |
FortiOS 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
FortiOS 6.2 | 6.2.0 through 6.2.15 | Upgrade to 6.2.16 or above |
FortiOS 6.0 | 6.0 all versions | Migrate to a fixed release |
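
To triage a firmware inventory against the table above, the following sketch compares versions numerically, so that 7.0.9 sorts below 7.0.14 (a plain string comparison gets this wrong). It is an added example, not code from Fortinet or the researchers; the function names, hostnames and inventory values are constructed for illustration.

```python
import re

# Fixed release per branch, copied from the advisory table above.
# None means the branch has no fixed release (6.0: migrate).
FIXED = {
    (7, 4): (7, 4, 3),
    (7, 2): (7, 2, 7),
    (7, 0): (7, 0, 14),
    (6, 4): (6, 4, 15),
    (6, 2): (6, 2, 16),
    (6, 0): None,
}
NOT_AFFECTED = {(7, 6)}

def parse_version(text):
    """Extract (major, minor, patch) from strings such as 'v7.2.5' or '7.0.13'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no FortiOS version found in {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(version_text):
    """Return (status, action) for one firmware version string."""
    ver = parse_version(version_text)
    branch = ver[:2]
    if branch in NOT_AFFECTED:
        return "not affected", "none"
    if branch not in FIXED:
        # Branches the table does not list are reported, never guessed.
        return "unknown", "branch not in the table; check the advisory"
    fixed = FIXED[branch]
    if fixed is None:
        return "affected", "migrate to a fixed release"
    if ver < fixed:  # tuple comparison is numeric, field by field
        return "affected", "upgrade to %d.%d.%d or above" % fixed
    return "patched", "none"

# Constructed inventory: hostnames and versions are made up.
INVENTORY = {"fw-edge-01": "v7.0.9", "fw-edge-02": "7.4.3",
             "fw-lab-01": "6.0.18", "fw-dc-01": "v7.2.6"}

def report(inventory):
    """Map each host to its (status, action) pair."""
    return {host: triage(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    for host, (status, action) in sorted(report(INVENTORY).items()):
        print(f"{host}: {status} ({action})")
```
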
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
This week, researchers at the Shadowserver Foundation announced that nearly 150,000 devices are still probably impacted by the issue, even though Fortinet added it to the catalog.
The researchers scanned the Internet for internet-facing Fortinet FortiOS and FortiProxy secure web gateway systems vulnerable to CVE-2024-21762.
The majority of vulnerable devices (as of March 9, 2024) are in the US (24.647), followed by India (7.713), and Brazil (4.934).
Researchers from GreyNoise also published an interesting analysis of the bug, titled “Hunting for Fortinet CVE-2024-21762: Vulnerability Research for Detection Engineering.”
(SecurityAffairs – hacking, FortiOS)