Fortinet's Urgent Alert: Critical Vulnerabilities in FortiOS Pose Severe Security Threats



Fortinet has issued a critical warning about an out-of-bounds write vulnerability in FortiOS. The vulnerability, identified as CVE-2024-21762 with a CVSSv3 score of 9.6, allows a remote attacker to execute arbitrary code or commands by sending specially crafted HTTP requests.

As a temporary workaround, Fortinet recommends disabling SSL VPN, specifically targeting SSL VPN web portals. Disabling web mode alone is not considered a valid and comprehensive solution.

Separately, OS command injection vulnerabilities in FortiSIEM, CVE-2024-23108 and CVE-2024-23109, have recently been addressed, and an advisory has been released covering them.

Adding to the urgency, recent reports indicate that state-sponsored hackers from China exploited a zero-day vulnerability (CVE-2022-42475) in Fortinet’s virtual private network. The resulting unauthorized access allowed the hackers to compromise the security of Dutch defense networks, underscoring the importance of promptly patching vulnerabilities in network infrastructure.

Given the evolving nature of cyber threats, organizations are urged to stay vigilant, apply recommended security measures, and promptly update their systems to safeguard against potential data breaches and unauthorized access.

Other news

Three people indicted in $400 million FTX crypto hack conspiracy

Three people were indicted for an identity theft conspiracy that allegedly included the $400 million hack of FTX on the same day in November 2022 that the doomed cryptocurrency exchange filed for bankruptcy protection, court records show.


Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models

Cybersecurity researchers have uncovered a new attack targeting cloud-hosted large language model (LLM) services, leveraging stolen cloud credentials with the aim of selling access to other threat actors.
