More than 133,000 Fortinet appliances still vulnerable to month-old critical bug
2024-03-18 19:00

The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching.

According to security nonprofit Shadowserver's latest data, the number of Fortinet appliances vulnerable to CVE-2024-21762 stands at more than 133,000 - down only slightly from more than 150,000 ten days prior.

The biggest number of exposures is in Asia, with 54,310 appliances still vulnerable to the critical RCE bug, the data shows.

"Due to prior targeting of Fortinet devices and word of an upcoming proof of concept exploit for the flaw, in-the-wild exploitation is likely to occur," said Chris Boyd, staff research engineer at Tenable.

"Other vulnerabilities in Fortinet devices have attracted the attention of multiple nation-state threat actors and ransomware groups like Conti. Fortinet vulnerabilities have been included as part of the top routinely exploited vulnerability lists in recent years."

CISA also released an advisory a day before Fortinet's disclosure of CVE-2024-21762, warning of Volt Typhoon pre-positioning itself inside US critical infrastructure, using vulnerabilities in networking appliances like Fortinet as a way in.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/

Related Vulnerability

Date: 2024-02-09
CVE: CVE-2024-21762
Vulnerability title: Out-of-bounds Write vulnerability in Fortinet FortiOS
Description: An out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows an attacker to execute unauthorized code or commands via specifically crafted requests.
Attack vector: network
Attack complexity: low
Vendor: Fortinet
Weakness: CWE-787
Risk: critical (9.8)

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 76 15 312 265 80 672