Flash Notices

Flash Notice: Patch Now - Critical Out-of-Bounds Write Vulnerability in FortiOS

Written by Marketing | Feb 9, 2024 5:27:52 PM

overview

FortiGuard just released an advisory for a critical out-of-bounds write vulnerability (CVE-2024-21762) found in FortiOS. The new vulnerability has a CVSS score of 9.8 and can allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.  

Fortinet’s advisory states the vulnerability is potentially being exploited in the wild and impacts the following FortiOS versions:  

 

Version 

Affected 

Solution 

FortiOS 7.6 

Not affected 

Not Applicable 

FortiOS 7.4 

7.4.0 through 7.4.2 

Upgrade to 7.4.3 or above 

FortiOS 7.2 

7.2.0 through 7.2.6 

Upgrade to 7.2.7 or above 

FortiOS 7.0 

7.0.0 through 7.0.13 

Upgrade to 7.0.14 or above 

FortiOS 6.4 

6.4.0 through 6.4.14 

Upgrade to 6.4.15 or above 

FortiOS 6.2 

6.2.0 through 6.2.15 

Upgrade to 6.2.16 or above 

FortiOS 6.0 

6.0 all versions 

Migrate to a fixed release 

 

Exploitation of CVE-2024-21762 by remote unauthenticated attackers via specially crafted HTTP requests could result in the execution of arbitrary code or commands, allowing complete control of the affected FortiOS systems, unauthorized access without valid credentials, potential data breaches through unauthorized data access or exfiltration, and the possibility of denial-of-service attacks leading to system crashes.  

 

 

avertium's recommendationS

  • Given the severity of the vulnerability, Avertium recommends that organizations apply patches immediately. 
    • FortiGuard recommends following the recommended upgrade path via their tool 
  • Although FortiGuard’s advisory mentions disabling SSL VPN as a workaround, they advised against disabling webmode as it is NOT a valid workaround. 
  • For updated information regarding CVE-2024-21762, please see FortiGuard’s advisory 



 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2024-21762. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

 

 

How Avertium is Protecting Our CUSTOMERS

  • Fusion MXDR is the first MDR offering that fuse together all aspects of security operations into a living, breathing, threat-resistant XDR solution. By fusing insights from threat intelligence, security assessments, and vulnerability management into our MDR approach, Fusion MXDR offers a more informed, robust, and cost-effective approach to cybersecurity – one that is greater than the sum of its parts. 
  • Expanding endpoints, cloud computing environments, and accelerated digital transformation have decimated the perimeter in an ever-expanding attack surface. Avertium offers Attack Surface Management, so you’ll have no more blind spots, weak links, or fire drills. See every threat in your attack surface, every device, every entry point, and every vulnerability. Our Attack Surface Management services include:  
    • Risk Assessments 
    • Pen Testing and Social Engineering  
    • Infrastructure Architecture and Integration  
    • Zero Trust Network Architecture 
    • Vulnerability Management 
  • We highly value your feedback. Kindly spare a moment to complete our feedback form, allowing us to enhance our services for our valued customers. 




 

SUPPORTING DOCUMENTATION

docs.fortinet.com/upgrade-tool 

PSIRT | FortiGuard 

CVE - CVE-2024-21762 (mitre.org) 

 
View full post