FortiOS Out-of-Bound Write Vulnerability Under Active Exploitation (CVE-2024-21762)

Qualys Security Advisory

Fortinet has addressed an out-of-bounds write vulnerability impacting FortiOS. Tracked as CVE-2024-21762, the vulnerability has a critical severity rating with a CVSS score 9.6. Successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.

Fortinet quoted in the advisory that vulnerability is potentially exploited in the wild.

FortiOS is considered the brain of Fortinet Security Fabric. The Security Fabric’s operating system, or software, connects all its parts and ensures tight integration throughout the deployment of the Security Fabric across an enterprise.

Affected Products and Versions

  • FortiOS 7.4 (versions 7.4.0 through 7.4.2)
  • FortiOS 7.2 (versions 7.2.0 through 7.2.6)
  • FortiOS 7.0 (versions 7.0.0 through 7.0.13)
  • FortiOS 6.4 (versions 6.4.0 through 6.4.14)
  • FortiOS 6.2 (versions 6.2.0 through 6.2.15)
  • FortiOS 6.0, all versions

Mitigation

Customers are advised to upgrade to the following versions to patch the vulnerability:

  • Upgrade to 7.4.3 or above
  • Upgrade to 7.2.7 or above
  • Upgrade to 7.0.14 or above
  • Upgrade to 6.4.15 or above
  • Upgrade to 6.2.16 or above

FortiOS has recommended disabling SSL VPN as a workaround.

Please refer to the Fortinet PSIRT Advisory (FG-IR-24-015) for more information.

Qualys Detection

Qualys customers can scan their devices with QID 44170 to detect vulnerable assets.

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

References
https://www.fortiguard.com/psirt/FG-IR-24-015

READ MORE