
Fortinet Warns of New FortiOS Zero-Day


Jasper_The_Rasper
Moderator

Fortinet patches CVE-2024-21762, a critical remote code execution vulnerability that may have been exploited in the wild.


February 9, 2024 By Eduard Kovacs


Fortinet on Thursday announced patches for a critical remote code execution vulnerability in FortiOS that may have been exploited in the wild. 

The security hole, tracked as CVE-2024-21762, impacts FortiOS versions 6.0, 6.2, 6.4, 7.0, 7.2 and 7.4. Patches have been released for each impacted version, except for 6.0 — 6.0 users are being advised to migrate to a newer version. FortiOS 7.6 is not affected by the vulnerability.

As a workaround, users can disable the SSL VPN feature. Disabling the SSL VPN web mode does not mitigate the vulnerability, Fortinet said.

CVE-2024-21762 appears to be a zero-day, with Fortinet saying that it’s “potentially being exploited in the wild”.


>> Full Article <<

2 replies

Jasper_The_Rasper
Moderator

New Fortinet RCE bug is actively exploited, CISA confirms


February 9, 2024 By Sergiu Gatlan


CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday.

The flaw (CVE-2024-21762) is due to an out-of-bounds write weakness in the FortiOS operating system that can let unauthenticated attackers execute arbitrary code remotely using maliciously crafted HTTP requests.

Admins who can't immediately deploy security updates to patch vulnerable appliances can remove the attack vector by disabling SSL VPN on the device.

CISA's announcement comes one day after Fortinet published a security advisory saying the flaw was "potentially being exploited in the wild."


>> Full Article <<


russell.harris
Popular Voice

Thanks. I’ll let our network team know.
