Security News > 2024 > February > Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)

Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)
2024-02-12 18:55

Fortinet has patched critical remote code execution vulnerabilities in FortiOS, one of which is "Potentially" being exploited in the wild.

The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities catalog, though details about the attacks are still undisclosed.

CVE-2024-21762 is an out-of-bounds write vulnerability in FortiOS, which may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.

CVE-2024-23313 is a use of externally-controlled format string vulnerability in FortiOS fgfmd daemon, which may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

It often takes several days for Fortinet security updates to appear when checking for updates through the software.

"Zero-day vulnerabilities in Fortinet SSL VPNs have a history of being targeted by state-sponsored and other highly motivated threat actors. Other recent Fortinet SSL VPN vulnerabilities have been exploited by adversaries as both zero-day and as n-day following public disclosure," Rapid7 researchers noted.


News URL

https://www.helpnetsecurity.com/2024/02/12/critical-fortinet-fortios-flaw-exploited-in-the-wild-cve-2024-21762/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-02-20 CVE-2024-23313 An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). 0.0
2024-02-09 CVE-2024-21762 Out-of-bounds Write vulnerability in Fortinet Fortios
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
network
low complexity
fortinet CWE-787
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 169 57 403 183 81 724