Critical Fortinet Flaw in FortiOS SSL VPN is Actively Exploited

by | Feb 9, 2024 | News

Post Views: 637

Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Reading Time: 3 Minutes

Fortinet has issued a grave warning concerning a critical remote code execution (RCE) vulnerability discovered in FortiOS SSL VPN, identified as CVE-2024-21762, with a CVSS score of 9.6.

This flaw is currently being exploited in real-world attacks, although specific details about the attacks remain undisclosed by the security firm.

The vulnerability stems from an out-of-bounds write issue, allowing remote, unauthenticated attackers to execute arbitrary code or commands through specially crafted HTTP requests. Fortinet strongly advises users to disable SSL VPN as a temporary workaround until patches can be applied.

Here’s a breakdown of affected versions and available solutions:

Version	Affected	Solution
FortiOS 7.6	Not affected	Not Applicable
FortiOS 7.4	7.4.0 through 7.4.2	Upgrade to 7.4.3 or above
FortiOS 7.2	7.2.0 through 7.2.6	Upgrade to 7.2.7 or above
FortiOS 7.0	7.0.0 through 7.0.13	Upgrade to 7.0.14 or above
FortiOS 6.4	6.4.0 through 6.4.14	Upgrade to 6.4.15 or above
FortiOS 6.2	6.2.0 through 6.2.15	Upgrade to 6.2.16 or above
FortiOS 6.0	6.0 all versions	Migrate to a fixed release

See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses

Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

In addition to CVE-2024-21762, Fortinet also addressed another critical flaw, CVE-2024-23113 (CVSS score 9.8), involving a use of externally-controlled format string vulnerability in the FortiOS fgfmd daemon. While no active exploitation has been observed for CVE-2024-23113, it poses a severe risk, potentially allowing remote attackers to execute arbitrary code or commands via specially crafted requests.

Fortinet’s history of vulnerabilities underscores the importance of immediate action. In December 2023, an actively exploited vulnerability (CVE-2022-42475) in FortiOS SSL-VPN was addressed, emphasizing the urgent need for updates. This heap-based buffer overflow weakness in FortiOS sslvpnd allowed remote attackers to execute arbitrary code on devices, highlighting the criticality of keeping Fortinet devices patched and secure.

Trending: Recon Tool: go-dork

Recent reports from the Dutch Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) indicate a China-linked APT group’s breach of the Dutch Ministry of Defence.

The attack, which employed a previously undisclosed remote access trojan (RAT) named COATHANGER, targeted FortiGate appliances, exploiting the CVE-2022-42475 vulnerability as part of its attack chain. This revelation underscores the critical nature of promptly addressing and mitigating known vulnerabilities in Fortinet devices.

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]

Source: securityaffairs.com

Source Link