Fortinet Firewall SSL VPN
- CVE: CVE-2024-21762
- Severity: CRITICAL
- Priority: CRITICAL
Summary
- Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.
- You will only be impacted if your SSL VPN portal is accessible to the public.
- The flaw (tracked as CVE-2024-21762 / FG-IR-24-015) received a 9.6 severity rating and is an out-of-bounds write vulnerability in FortiOS that allows unauthenticated attackers to gain remote code execution (RCE) via maliciously crafted requests.
Out-of-bounds Write in SSLVPND
- An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.
- Note: This is potentially being exploited in the wild.
Remediation
- Upgrade to Unaffected Version
- Disable SSL VPN entirely (disabling webmode only is NOT a valid workaround)
Version       Affected                 Solution
FortiOS 7.6   Not affected             Not applicable
FortiOS 7.4   7.4.0 through 7.4.2      Upgrade to 7.4.3 or above
FortiOS 7.2   7.2.0 through 7.2.6      Upgrade to 7.2.7 or above
FortiOS 7.0   7.0.0 through 7.0.13     Upgrade to 7.0.14 or above
FortiOS 6.4   6.4.0 through 6.4.14     Upgrade to 6.4.15 or above
FortiOS 6.2   6.2.0 through 6.2.15     Upgrade to 6.2.16 or above
FortiOS 6.0   6.0 all versions         Migrate to a fixed release
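Added triage helper, not part of the Fortinet advisory: it encodes the affected-version table above and maps FortiOS "get system status" Version lines to the required action. The banner format "Version: <model> vX.Y.Z,build...", the device names and the build numbers in the sample are assumed/constructed.

```python
import re
from typing import NamedTuple, Optional

class Advice(NamedTuple):
    version: str
    affected: bool
    action: str

# Per branch: (first affected, last affected, fixed release), from the advisory table.
AFFECTED = {
    (7, 4): ((7, 4, 0), (7, 4, 2), "7.4.3"),
    (7, 2): ((7, 2, 0), (7, 2, 6), "7.2.7"),
    (7, 0): ((7, 0, 0), (7, 0, 13), "7.0.14"),
    (6, 4): ((6, 4, 0), (6, 4, 14), "6.4.15"),
    (6, 2): ((6, 2, 0), (6, 2, 15), "6.2.16"),
}
VERSION_RE = re.compile(r"\bv(\d+)\.(\d+)\.(\d+)\b")

def parse_version(banner: str) -> Optional[tuple]:
    """Extract the vX.Y.Z triple from an assumed 'get system status' Version line."""
    m = VERSION_RE.search(banner)
    return tuple(int(x) for x in m.groups()) if m else None

def triage(banner: str) -> Advice:
    """Map one device banner to the advisory's affected/solution row."""
    v = parse_version(banner)
    if v is None:
        return Advice(banner.strip(), False, "unparsed: check manually")
    label, branch = ".".join(map(str, v)), v[:2]
    if branch == (6, 0):            # 6.0: all versions affected, no fixed build
        return Advice(label, True, "migrate to a fixed release")
    if branch == (7, 6):            # 7.6: not affected
        return Advice(label, False, "not affected")
    if branch not in AFFECTED:      # anything else is outside the advisory table
        return Advice(label, False, "not listed in advisory: check manually")
    lo, hi, fix = AFFECTED[branch]
    if lo <= v <= hi:
        return Advice(label, True, f"upgrade to {fix} or above")
    return Advice(label, False, "already on a fixed build")

# Constructed sample banners (hypothetical devices, placeholder build numbers).
SAMPLE = [
    "Version: FortiGate-60F v7.2.5,build0000,000000 (GA.F)",
    "Version: FortiGate-100F v7.0.14,build0000,000000 (GA.M)",
    "Version: FortiGate-200E v6.0.15,build0000,000000 (GA)",
    "Version: FortiGate-40F v7.6.0,build0000,000000 (GA.F)",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(triage(line))
```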