Critical Out-of-Bounds Write Vulnerability CVE-2024-21762 in FortiOS and FortiProxy
This vulnerability could allow a remote unauthenticated attacker to execute arbitrary code or commands on FortiOS and FortiProxy devices with SSL-VPN enabled
Summary
CVE-2024-21762 is a critical out-of-bounds write in the SSL-VPN component of FortiOS and FortiProxy. It could allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted HTTP requests, and Fortinet has warned that it is potentially being exploited in the wild. Affected organisations should apply the fixed releases listed in Fortinet PSIRT advisory FG-IR-24-015 as soon as possible.
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Fortinet has released a security update to address a critical severity vulnerability in the SSL-VPN component of FortiOS and FortiProxy, with a CVSSv3 score of 9.6.
CVE-2024-21762 is an out-of-bounds write vulnerability which may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted HTTP requests sent to the SSL-VPN service.
Evidence of exploitation
Fortinet have warned that this vulnerability is potentially being exploited in the wild. VPN appliances are often internet-facing by design and frequent targets for exploitation by cyber threat groups. Previous Fortinet SSL-VPN vulnerabilities have been exploited in the wild within days of official disclosure.
Remediation advice
Affected organisations are required to review Fortinet PSIRT Advisory FG-IR-24-015 along with the relevant FortiOS and FortiProxy release notes and apply the security updates as soon as possible. Where a device cannot be patched immediately, the workaround stated in the Fortinet advisory is to disable SSL-VPN entirely; disabling web mode alone is not a valid workaround.
Because details of this vulnerability and its exploitation are still emerging, affected organisations should monitor this cyber alert for future updates.
Definitive source of threat updates
Last edited: 9 February 2024 11:54 am