Important Fortinet FortiOS bug CVE-2024-21762 doubtlessly impacts 150,000 internet-facing units
March 09, 2024
Researchers warn that the crucial vulnerability CVE-2024-21762 in Fortinet FortiOS may doubtlessly impression 150,000 uncovered units.
In February, Fortinet warned that the crucial distant code execution vulnerability CVE-2024-21762 (CVSS rating 9.6) in FortiOS SSL VPN was actively exploited in assaults within the wild.
The safety agency didn’t present particulars in regards to the assaults exploiting this vulnerability.
The difficulty is an out-of-bounds write vulnerability that may be exploited by sending specifically crafted HTTP requests to weak cases. The seller recommends to disable SSL VPN as a workaround.
“A out-of-bounds write vulnerability [CWE-787] in FortiOS could enable a distant unauthenticated attacker to execute arbitrary code or command by way of specifically crafted HTTP requests.” reads the advisory.
“Workaround : disable SSL VPN (disable webmode is NOT a sound workaround). Observe: That is doubtlessly being exploited within the wild.”
The next desk consists of the record of the impacted variations and the out there variations that remedy the difficulty.
Model | Affected | Answer |
---|---|---|
FortiOS 7.6 | Not affected | Not Relevant |
FortiOS 7.4 | 7.4.0 by way of 7.4.2 | Improve to 7.4.3 or above |
FortiOS 7.2 | 7.2.0 by way of 7.2.6 | Improve to 7.2.7 or above |
FortiOS 7.0 | 7.0.0 by way of 7.0.13 | Improve to 7.0.14 or above |
FortiOS 6.4 | 6.4.0 by way of 6.4.14 | Improve to six.4.15 or above |
FortiOS 6.2 | 6.2.0 by way of 6.2.15 | Improve to six.2.16 or above |
FortiOS 6.0 | 6.0 all variations | Migrate to a hard and fast launch |
The U.S. Cybersecurity and Infrastructure Safety Company (CISA) added this vulnerability to its Recognized Exploited Vulnerabilities (KEV) catalog.
This week, researchers on the Shadowserver Basis introduced that almost 150,000 units are nonetheless doubtlessly impacted by the difficulty regardless of Fortinet added it to the catalog.
The researchers scanned the Web for Web-facing Fortinet FortiOS and FortiProxy safe net gateway techniques weak to CVE-2024-21762.
Nearly all of weak units (at March 9, 2024) are in america (24.647), adopted by India (7.713), and Brazil (4.934).
Researchers from GreyNoise additionally revealed an attention-grabbing evaluation on the bug, titled “Trying to find Fortinet CVE-2024-21762: Vulnerability Analysis for Detection Engineering.”
Observe me on Twitter: @securityaffairs and Fb
Pierluigi Paganini
(SecurityAffairs – hacking, FortiOS)