Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Posts
Filter by Categories







[CVSS 9+] Critical Fortinet Vulnerability Potentially Exploited

Executive Summary

A critical remote code execution vulnerability, CVE-2024-21762, has been discovered in Fortinet FortiOS SSL VPN, potentially being exploited in attacks.

With an initial CVSS score of 9.6, the vulnerability allows unauthenticated attackers to execute arbitrary code remotely.

Fortinet has urged users to upgrade to patched versions or disable SSL VPN to mitigate the risk.

This vulnerability follows a series of critical exploits targeting Ivanti VPN, and zero-day exploits by Chinese state-sponsored targeting Fortinet VPN. Given that VPN vulnerabilities are a popular target for attackers, organizations should prioritize the security of related software.

About the Vulnerability

CVE-2024-21762 targets FortiOS SSL VPN, presenting a severe security risk due to its potential exploitation by threat actors.

The flaw enables attackers to execute remote code by leveraging an out-of-bounds write vulnerability. This method allows attackers to manipulate HTTP requests maliciously, bypassing authentication measures.

The severity of this vulnerability is increased to a CVSS score of 9.6 due to the fact that the exploit does not require authentication.

Recommendation from Fortinet

Fortinet has issued guidance to its users for this potentially exploited vulnerability. The company emphasizes the critical nature of the vulnerability and urges proactive measures to secure systems.

The company recommends upgrading to the latest patched versions. Alternatively, users can temporarily mitigate the risk by disabling SSL VPN on their FortiOS devices. However, the urgency of the situation underscores the importance of promptly applying patches or workarounds to prevent potential exploitation.

Another Critical Fortinet Vulnerability

Please note that Fortinet recently disclosed another critical vulnerability in FortiOS. This flaw, CVE-2024-23113, has an initial CVSS score of 9.8.

It may allow a remote, unauthenticated attacker to execute arbitrary code or commands through specially crafted requests.

Unlike CVE-2024-21762, there is currently no indication of this flaw being exploited. However, in light of the recent zero-day exploits targeting Fortinet VPN, organizations should promptly update Fortinet products.

RECENT BLOG POSTS

PODCASTS

Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.