Fortinet Warns of Critical SSL VPN Flaw Exploited Actively in the Wild

Fortinet has issued a warning regarding a critical out-of-bounds write vulnerability in FortiOS. 

Remote attackers can exploit this vulnerability to execute arbitrary code, posing a significant security threat.

A vulnerability known as CVE-2024-21762 (with a CVSSv3 Score of 9.6) can be taken advantage of through a specific type of HTTP request. This vulnerability enables an attacker to execute code or commands using custom-crafted requests.

Fortinet has suggested disabling SSL VPN as a workaround to address the security vulnerability affecting SSL VPN web portals. It is important to note that disabling web mode alone is not a valid workaround.

Following are the Versions Affected

Fortinet has warned that hackers are actively exploiting the vulnerability in question. Significantly, the exploitation is not limited to theoretical attacks but occurs in real-world scenarios.

FortiSIEM recently addressed several OS command injection vulnerabilities, namely CVE-2024-23108 and CVE-2024-23109, prompting an advisory release.

According to the latest reports, Chinese state-sponsored hackers recently took advantage of a zero-day vulnerability (CVE-2022-42475) in Fortinet’s virtual private network to gain unauthorized access to the Dutch defense networks.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.