Fortinet Warns of Critical SSL VPN Flaw Exploited Actively in the Wild

Fortinet has issued a warning regarding a critical out-of-bounds write vulnerability in FortiOS. 

Remote attackers can exploit this vulnerability to execute arbitrary code, posing a significant security threat.

A vulnerability known as CVE-2024-21762 (with a CVSSv3 Score of 9.6) can be taken advantage of through a specific type of HTTP request. This vulnerability enables an attacker to execute code or commands using custom-crafted requests.

Fortinet has suggested disabling SSL VPN as a workaround to address the security vulnerability affecting SSL VPN web portals. It is important to note that disabling web mode alone is not a valid workaround.

Protect Your Network From Data Breach

Perimeter’s 81 Malware Protection for Network Based Threats

Prevent malware from infecting your network at the delivery stage by intercepting malicious files in transit from their source to the target device’s web browser. .

Following are the Versions Affected

Version AffectedSolution
FortiOS 7.6 Not affectedNot Applicable
FortiOS through 7.4.2Upgrade to 7.4.3 or above
FortiOS through 7.2.6Upgrade to 7.2.7 or above
FortiOS through 7.0.13Upgrade to 7.0.14 or above
FortiOS through 6.4.14Upgrade to 6.4.15 or above
FortiOS through 6.2.15Upgrade to 6.2.16 or above
FortiOS 6.06.0 all versionsMigrate to a fixed release

Fortinet has warned that hackers are actively exploiting the vulnerability in question. Significantly, the exploitation is not limited to theoretical attacks but occurs in real-world scenarios.

FortiSIEM recently addressed several OS command injection vulnerabilities, namely CVE-2024-23108 and CVE-2024-23109, prompting an advisory release.

According to the latest reports, Chinese state-sponsored hackers recently took advantage of a zero-day vulnerability (CVE-2022-42475) in Fortinet’s virtual private network to gain unauthorized access to the Dutch defense networks.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.