Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices

Pierluigi Paganini
March 09, 2024

Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices.

In February, Fortinet warned that the critical remote code execution vulnerability CVE-2024-21762 (CVSS score 9.6) in FortiOS SSL VPN was actively exploited in attacks in the wild.

The security firm did not provide details about the attacks exploiting this vulnerability.

The issue is an out-of-bounds write vulnerability that can be exploited by sending specially crafted HTTP requests to vulnerable instances. The vendor recommends disabling SSL VPN as a workaround.

“A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.” reads the advisory.

“Workaround : disable SSL VPN (disable webmode is NOT a valid workaround). Note: This is potentially being exploited in the wild.”

The following table lists the impacted versions and the available versions that resolve the issue.

Version      Affected                 Solution
FortiOS 7.6  Not affected             Not Applicable
FortiOS 7.4  7.4.0 through 7.4.2      Upgrade to 7.4.3 or above
FortiOS 7.2  7.2.0 through 7.2.6      Upgrade to 7.2.7 or above
FortiOS 7.0  7.0.0 through 7.0.13     Upgrade to 7.0.14 or above
FortiOS 6.4  6.4.0 through 6.4.14     Upgrade to 6.4.15 or above
FortiOS 6.2  6.2.0 through 6.2.15     Upgrade to 6.2.16 or above
FortiOS 6.0  6.0 all versions         Migrate to a fixed release
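Checking a fleet of FortiGates against the table above by hand is error-prone, particularly for the branch boundaries (7.0.13 is affected, 7.0.14 is not) and for the 6.0 branch, which has no fixed build at all. The script below is an added example, not code from Fortinet or from the original article: it encodes the FortiOS rows of the table exactly as printed on this page, parses a version string such as the one `get system status` prints (the "v7.2.5,build1517" format is an assumption about the CLI output; the hostnames and build numbers in the sample inventory are constructed), and reports per device whether it is affected, already fixed, not affected, needs migration, or falls outside the advisory table. It does not model the FortiProxy rows of the same advisory, because they are not reproduced on this page.

```python
import re
from typing import Iterable, List, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges and fixed releases for CVE-2024-21762, copied from the
# Fortinet advisory table reproduced in the article (FortiOS rows only).
# Keyed by (major, minor) branch: (first affected, last affected, fixed release).
AFFECTED_BRANCHES = {
    (7, 4): ((7, 4, 0), (7, 4, 2), (7, 4, 3)),
    (7, 2): ((7, 2, 0), (7, 2, 6), (7, 2, 7)),
    (7, 0): ((7, 0, 0), (7, 0, 13), (7, 0, 14)),
    (6, 4): ((6, 4, 0), (6, 4, 14), (6, 4, 15)),
    (6, 2): ((6, 2, 0), (6, 2, 15), (6, 2, 16)),
}
NOT_AFFECTED_BRANCHES = {(7, 6)}
MIGRATE_BRANCHES = {(6, 0)}  # every 6.0 release is affected; there is no fixed 6.0 build

# Assumed format: matches "v7.2.5" inside a line such as
# "Version: FortiGate-100F v7.2.5,build1517,230613 (GA.F)" and also a bare "7.2.5".
_VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text: str) -> Optional[Version]:
    """Extract (major, minor, patch) from a FortiOS version string, or None."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def assess(text: str) -> Tuple[str, str]:
    """Classify one version string against the CVE-2024-21762 table.

    Returns (status, action); status is one of
    "affected", "fixed", "not_affected", "migrate", "unknown".
    """
    v = parse_version(text)
    if v is None:
        return "unknown", "could not parse a FortiOS version from input"
    branch = (v[0], v[1])
    if branch in NOT_AFFECTED_BRANCHES:
        return "not_affected", "no action required"
    if branch in MIGRATE_BRANCHES:
        return "migrate", "all %d.%d releases are affected; migrate to a fixed release" % branch
    if branch not in AFFECTED_BRANCHES:
        return "unknown", "branch %d.%d is not covered by the advisory table" % branch
    first, last, fixed = AFFECTED_BRANCHES[branch]
    # Tuple comparison gives correct numeric ordering (7.0.9 < 7.0.13), which a
    # string comparison would get wrong.
    if first <= v <= last:
        return "affected", "upgrade to %d.%d.%d or above" % fixed
    # Every affected range starts at x.y.0 and ends one release before the fix,
    # so anything else on a covered branch is at or past the fixed release.
    return "fixed", "running %d.%d.%d (fixed in %d.%d.%d)" % (v + fixed)


def triage(inventory: Iterable[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Run assess() over (hostname, version_text) pairs; returns (host, status, action)."""
    return [(host, *assess(text)) for host, text in inventory]


# Constructed sample inventory (hostnames and build numbers are made up).
SAMPLE_INVENTORY = [
    ("fw-edge-1", "Version: FortiGate-100F v7.2.5,build1517,230613 (GA.F)"),
    ("fw-edge-2", "Version: FortiGate-60F v7.0.14,build0601,240212 (GA.F)"),
    ("fw-lab",    "v6.0.17,build0419"),
    ("fw-dc",     "7.6.0"),
    ("fw-old",    "v6.4.15,build2601"),
]

if __name__ == "__main__":
    for host, status, action in triage(SAMPLE_INVENTORY):
        print(f"{host:10} {status:13} {action}")
```

A device that reports "fixed" here is only fixed for this CVE; the check says nothing about whether SSL VPN is still exposed or whether the box was compromised before the upgrade, which is why the workaround in the advisory (disabling SSL VPN, not just web mode) still matters for anything that cannot be patched immediately.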

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

This week, researchers at the Shadowserver Foundation announced that nearly 150,000 devices are still potentially impacted by the issue, despite Fortinet having released fixes and CISA having added the flaw to the KEV catalog.

The researchers scanned the Internet for Internet-facing Fortinet FortiOS and FortiProxy secure web gateway systems vulnerable to CVE-2024-21762.

The majority of vulnerable devices (as of March 9, 2024) are in the US (24,647), followed by India (7,713) and Brazil (4,934).

Researchers from GreyNoise also published an interesting analysis of the bug, titled “Hunting for Fortinet CVE-2024-21762: Vulnerability Research for Detection Engineering.”

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, FortiOS)


