Important Fortinet FortiOS worm CVE-2024-21762 may impact 150,000 Web-facing gadgets
Pierluigi Paganini
March 09, 2024
Researchers have warned that the essential vulnerability CVE-2024-21762 in Fortinet FortiOS may impact 150,000 uncovered gadgets. In February, Fortinet warned that faraway get admission to vulnerability CVE-2024-21762 (CVSS ranking 9.6) in FortiOS SSL VPN was once exploited in wild assaults. The protection corporate didn’t divulge information about the threats that exploit this vulnerability. This vulnerability is a scripting drawback that can be utilized to ship specifically crafted HTTP requests to vulnerabilities. The seller recommends that you just disable SSL VPN as a carrier. “Continual writing failure [CWE-787] in FortiOS may permit a faraway attacker to inject code or particular instructions into HTTP requests. ” reads the recommendation. “Workaround: disable SSL VPN (reload internet interface is NOT a legitimate choice). Observe: This can be utilized within the wild.” The desk underneath comprises a listing of the affected variations and to be had answers that get to the bottom of this factor. thru 7.4.2Upgrade to 7.4.3 or aboveFortiOS 7.27.2.0 thru 7.2.6Upgrade to 7.2.7 or aboveFortiOS 7.07.0.1 to 7.07.0.0 to 4 6.4.0 to six.4 14Upgrade to six.4.15 or above on FortiOS 6.26.2.0 thru 6.2.15 Improve to six.2.16 or upper on FortiOS 6.06.0 all variations of FortiOS 6.06.0 Migrate to a solid model America Cybersecurity and Infrastructure Safety Company (CISA) added its vulnerability to the VulnerabilitiesIV listing. This week, Shadowserver Basis researchers introduced that about 150,000 gadgets would nonetheless be suffering from the problem despite the fact that Fortinet added to the listing. The researchers scanned the Web to seek out Fortinet FortiOS and FortiProxy safety methods which can be at risk of CVE-2024-21762. 150 000 discovered on 2024-03-06 sure (no longer 2024-02-06)— Shadowserver (@Shadowserver) March 7, 2024 Essentially the most prone gadgets (as of March 9, 2024) are in america (24,647), adopted through India (7.713), and Brazil (4.934). Researchers from GreyNoise additionally revealed an enchanting research of the worm, titled “Looking for Fortinet CVE-2024-21762: Vulnerability Analysis for Detection Engineering.” Practice me on Twitter: @securityafairs and Fb Pierluigi Paganini (SecurityAffairs – hacking, FortiOS)
