Security News > 2024 > February > Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)
Fortinet has patched critical remote code execution vulnerabilities in FortiOS, one of which is "Potentially" being exploited in the wild.
The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities catalog, though details about the attacks are still undisclosed.
CVE-2024-21762 is an out-of-bounds write vulnerability in FortiOS, which may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.
CVE-2024-23313 is a use of externally-controlled format string vulnerability in FortiOS fgfmd daemon, which may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
It often takes several days for Fortinet security updates to appear when checking for updates through the software.
"Zero-day vulnerabilities in Fortinet SSL VPNs have a history of being targeted by state-sponsored and other highly motivated threat actors. Other recent Fortinet SSL VPN vulnerabilities have been exploited by adversaries as both zero-day and as n-day following public disclosure," Rapid7 researchers noted.
News URL
Related news
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame (source)
- 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) (source)
- Fortinet releases patches for undisclosed critical FortiManager vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-20 | CVE-2024-23313 | An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). | 0.0 |
2024-02-09 | CVE-2024-21762 | Out-of-bounds Write vulnerability in Fortinet Fortios A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests | 9.8 |