Security News > 2024 > March > More than 133,000 Fortinet appliances still vulnerable to month-old critical bug

The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching.

According to security nonprofit Shadowserver's latest data, the number of Fortinet appliances vulnerable to CVE-2024-21762 stands at more than 133,000 - down only slightly from more than 150,000 ten days prior.

The biggest number of exposures is in Asia, with 54,310 appliances still vulnerable to the critical RCE bug, the data shows.

"Due to prior targeting of Fortinet devices and word of an upcoming proof of concept exploit for the flaw, in-the-wild exploitation is likely to occur," said Chris Boyd, staff research engineer at Tenable.

"Other vulnerabilities in Fortinet devices have attracted the attention of multiple nation-state threat actors and ransomware groups like Conti. Fortinet vulnerabilities have been included as part of the top routinely exploited vulnerability lists in recent years."

CISA also released an advisory a day before Fortinet's disclosure of CVE-2024-21762, warning of Volt Typhoon pre-positioning itself inside US critical infrastructure, using vulnerabilities in networking appliances like Fortinet as a way in.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/