Critical Fortinet flaw may impact 150,000 exposed devices

150,000 Fortinet devices potentially vulnerable to critical remote code execution

Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.

America’s Cyber Defense Agency CISA confirmed last month that attackers are actively exploiting the flaw by adding it to its Known Exploited Vulnerabilities (KEV) catalog.

Vulnerable versions all over the world

Almost a month after Fortinet addressed CVE-2024-21762, The Shadowserver Foundation announced on Thursday that it found nearly 150,000 vulnerable devices.

Shadowserver’s Piotr Kijewski told BleepingComputer that their scans check for vulnerable versions, so the number of affected devices may be lower if admins applied mitigations instead of upgrading.

A remote attacker could exploit CVE-2024-21762 (9.8 severity score as per NIST) by sending specially crafted HTTP requests to vulnerable machines.

According to Shadowserver data, most vulnerable devices, more than 24,000, are in the United States, followed by India, Brazil, and Canada.

Vulnerability map for CVE-2024-21762
Devices with vulnerable versions of FortiOS and FortiProxy
source: The Shadowserver Foundation

Details about threat actors actively exploiting CVE-2024-21762 are currently limited, as public platforms are not showing such activity or the vulnerability is being leveraged in select attacks by more sophisticated adversaries.

A day after Fortinet’s advisory, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed active exploitation of the vulnerability by adding it to its KEV catalog.

Companies can check if their SSL VPN systems are vulnerable to this issue by running a simple Python script developed by researchers at offensive security company BishopFox.

FortiOS is Fortinet’s operating system with security features such as protection against denial-of-service (DoS) attacks, intrusion prevention (IPS), firewall, and VPN services.

It powers all Fortinet Security Fabric devices, from firewalls to access points, switches, and network access control products, providing visibility and control, centralized management across the network, and consistent deployment and enforcement of security policies.

FortiProxy is a secure web proxy solution with protection capabilities against web and DNS-based threats and data loss. It integrates an antivirus, intrusion prevention, and client browser isolation.
