Fortinet Remote Code Execution Vulnerability (CVE-2024-21762)

A critical Remote Code Execution vulnerability (CVE-2024-21762) was identified in FortiOS and FortiProxy SSL VPN recently which may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.

Fortinet has released the patches to remediate the vulnerability and strongly recommends customers to apply the update IMMEDIATELY.

Vulnerability

• Remote Code Execution Vulnerability (CVE-2024-21762)
  • An out-of-bounds write vulnerability in FortiOS and FortiProxy SSL VPN. Successful exploitation enables a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.

Severity Level

• Critical

Affected Products

• FortiOS:
  • 7.4.0 through 7.4.2,
  • 7.2.0 through 7.2.6,
  • 7.0.0 through 7.0.13,
  • 6.4.0 through 6.4.14,
  • 6.2.0 through 6.2.15,
  • 6.0.0 through 6.0.17
• FortiProxy:
  • 7.4.0 through 7.4.2,
  • 7.2.0 through 7.2.8,
  • 7.0.0 through 7.0.14,
  • 2.0.0 through 2.0.13,
  • 1.2 all versions,
  • 1.1 all versions,
  • 1.0 all versions

Remediation

• Please apply the latest update patches in your department devices immediately.

Reference

• https://www.fortiguard.com/psirt/FG-IR-24-015
• https://nvd.nist.gov/vuln/detail/CVE-2024-21762
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21762
• https://www.hkcert.org/security-bulletin/fortinet-products-multiple-vulnerabilities_20240209

Enquiry

• For enquiries, please contact infosec@cuhk.edu.hk. Thanks a lot.

Published on: 25 Mar 2024