- Vulnerability/
- CVE-2024-21762
CVE-2024-21762: Out-of-bound Write in sslvpnd
First published: Thu Feb 08 2024(Updated: )
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
Credit: psirt@fortinet.com psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiOS IPS Engine | ||
| Fortinet FortiProxy | >=1.0.0<2.0.14 | |
| Fortinet FortiProxy | >=7.0.0<7.0.15 | |
| Fortinet FortiProxy | >=7.2.0<7.2.9 | |
| Fortinet FortiProxy | >=7.4.0<7.4.3 | |
| Fortinet FortiOS IPS Engine | >=6.0.0<6.0.18 | |
| Fortinet FortiOS IPS Engine | >=6.2.0<6.2.16 | |
| Fortinet FortiOS IPS Engine | >=6.4.0<6.4.15 | |
| Fortinet FortiOS IPS Engine | >=7.0.0<7.0.14 | |
| Fortinet FortiOS IPS Engine | >=7.2.0<7.2.7 | |
| Fortinet FortiOS IPS Engine | >=7.4.0<7.4.3 | |
| Fortinet FortiOS IPS Engine | >=7.4.0<=7.4.2 | |
| Fortinet FortiOS IPS Engine | >=7.2.0<=7.2.6 | |
| Fortinet FortiOS IPS Engine | >=7.0.0<=7.0.13 | |
| Fortinet FortiOS IPS Engine | >=6.4.0<=6.4.14 | |
| Fortinet FortiOS IPS Engine | >=6.2.0<=6.2.15 | |
| Fortinet FortiOS IPS Engine | >=6.0.0<=6.0.17 | |
| Fortinet FortiProxy | >=7.4.0<=7.4.2 | |
| Fortinet FortiProxy | >=7.2.0<=7.2.8 | |
| Fortinet FortiProxy | >=7.0.0<=7.0.14 | |
| Fortinet FortiProxy | >=2.0.0<=2.0.13 | |
| Fortinet FortiProxy | >=1.2 | |
| Fortinet FortiProxy | >=1.1 | |
| Fortinet FortiProxy | >=1.0 |
Remedy
Please upgrade to FortiProxy version 7.4.3 or above Please upgrade to FortiProxy version 7.2.9 or above Please upgrade to FortiProxy version 7.0.15 or above Please upgrade to FortiProxy version 2.0.14 or above Please upgrade to FortiOS version 7.6.0 or above Please upgrade to FortiOS version 7.4.3 or above Please upgrade to FortiOS version 7.2.7 or above Please upgrade to FortiOS version 7.0.14 or above Please upgrade to FortiOS version 6.4.15 or above Please upgrade to FortiOS version 6.2.16 or above
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/new-fortinet-rce-flaw-in-ssl-vpn-likely-exploited-in-attacks/
- https://www.bleepingcomputer.com/news/security/new-fortinet-rce-bug-is-actively-exploited-cisa-confirms/
- https://www.bleepingcomputer.com/news/security/critical-fortinet-flaw-may-impact-150-000-exposed-devices/
- https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-bug-in-endpoint-management-software/
- https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
- https://www.bleepingcomputer.com/news/security/exploit-released-for-fortinet-rce-bug-used-in-attacks-patch-now/
- https://fortiguard.com/psirt/FG-IR-24-015
- https://www.fortiguard.com/psirt/cvrf/FG-IR-24-015
- https://www.fortiguard.com/psirt/FG-IR-24-015
- https://fortiguard.fortinet.com/psirt/FG-IR-24-015
- https://nvd.nist.gov/vuln/detail/CVE-2024-21762
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2024-21762?
CVE-2024-21762 is considered a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2024-21762?
To fix CVE-2024-21762, update FortiOS to versions 7.4.3, 7.2.7, 7.0.14, 6.4.15, 6.2.16, or 6.0.18 or FortiProxy to versions 7.4.3, 7.2.9, 7.0.15, or 2.0.14.
What systems are affected by CVE-2024-21762?
CVE-2024-21762 affects Fortinet FortiOS and FortiProxy versions as specified in the vulnerability details.
Is CVE-2024-21762 actively exploited?
Yes, there are reports indicating that CVE-2024-21762 is actively being exploited in the wild.
What is the exploit vector for CVE-2024-21762?
The exploit vector for CVE-2024-21762 involves an out-of-bounds write leading to potential remote code execution.
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-21762
- alias/CVE-2024-23113
- alias/CVE-2023-44487
- alias/CVE-2023-47537
- agent/type
- agent/remedy
- alias/CVE-2024-23108
- alias/CVE-2024-23109
- alias/CVE-2023-34992
- alias/CVE-2022-42475
- alias/CVE-2023-27997
- agent/first-publish-date
- agent/severity
- alias/CVE-2023-48788
- alias/CVE-2023-42789
- alias/CVE-2023-36554
- alias/CVE-2023-47534
- collector/the-register
- source/The Register
- alias/CVE-2022-40684
- agent/weakness
- zeroday/true
- agent/news-ai
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/title
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/trending
- collector/fortiguard-psirt-latest
- source/FortiGuard
- agent/event
- agent/source
- agent/tags
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- collector/fortiguard-psirt
- vendor/fortinet
- canonical/fortinet fortios ips engine
- canonical/fortinet fortiproxy
- version/fortinet fortiproxy/1.0.0
- version/fortinet fortiproxy/7.0.0
- version/fortinet fortiproxy/7.2.0
- version/fortinet fortiproxy/7.4.0
- version/fortinet fortios ips engine/6.0.0
- version/fortinet fortios ips engine/6.2.0
- version/fortinet fortios ips engine/6.4.0
- version/fortinet fortios ips engine/7.0.0
- version/fortinet fortios ips engine/7.2.0
- version/fortinet fortios ips engine/7.4.0
- version/fortinet fortios ips engine/7.4.2
- version/fortinet fortios ips engine/7.2.6
- version/fortinet fortios ips engine/7.0.13
- version/fortinet fortios ips engine/6.4.14
- version/fortinet fortios ips engine/6.2.15
- version/fortinet fortios ips engine/6.0.17
- version/fortinet fortiproxy/7.4.2
- version/fortinet fortiproxy/7.2.8
- version/fortinet fortiproxy/7.0.14
- version/fortinet fortiproxy/2.0.0
- version/fortinet fortiproxy/2.0.13
- version/fortinet fortiproxy/1.2
- version/fortinet fortiproxy/1.1
- version/fortinet fortiproxy/1.0