Fortinet has raised the alarm about a severe vulnerability within its FortiOS software that could allow remote attackers to execute malicious code. This critical security gap, identified as CVE-2024-21762 with a high severity score of 9.6, is exploitable via specially crafted HTTP requests. The cybersecurity company has acknowledged that the flaw is currently being actively exploited, urging users to take immediate protective action.
Immediate Mitigation Measures Recommended
In response to the threat, Fortinet has advised concerned users to temporarily disable the SSL VPN feature on the web portals to prevent potential breaches. The organization emphasizes that turning off web mode alone does not suffice as a safeguard. To fully mitigate the threat, disabling the entire SSL VPN component is necessary until a more permanent resolution is applied.
Vulnerability Exploitation Confirmed
Fortinet has confirmed that the exploitation of the CVE-2024-21762 vulnerability is not merely hypothetical but has been observed in active attacks. This announcement follows Fortinet’s recent advisories addressing critical OS command injection vulnerabilities in FortiSIEM, including CVE-2024-23108 and CVE-2024-23109. Furthermore, it has been reported that Chinese state-sponsored hackers exploited a separate zero-day vulnerability, CVE-2022-42475, in Fortinet’s VPN solutions, compromising Dutch defense networks.
The company has been diligent in communicating with its user base to ensure awareness of the security risks and the necessary steps to prevent exploitation. Users have been encouraged to stay abreast of cybersecurity news and updates provided by Fortinet on various platforms.
Fortinet’s proactive warning highlights the ever-present risks in the cybersecurity landscape and the critical importance of staying vigilant against potential threats. The organization continues to monitor the situation and provide updates on the latest developments surrounding this vulnerability.
The network security leader’s swift response to the security gap, including the dissemination of information and recommended defensive measures, demonstrates its commitment to safeguarding users against cyber threats.
