Vulnerabilities and Threats (Corvus Alerts)
      Back to home
      1. Knowledge Nest
      2. Cybersecurity Tips + Vulnerability Alerts
      3. Vulnerabilities and Threats (Corvus Alerts)

      Fortinet Fortigate Vulnerability Alert | February 2024

      There's a critical vulnerability in Fortinet Fortigate Products. Here's what you need to know.

      Background

      A critical security flaw (CVE-2024-21762) has been discovered in Fortigate SSL VPNs and is likely being exploited in the wild. The vulnerability allows for an unauthenticated attacker to execute arbitrary code or commands. Security patches have been released and should be applied as soon as possible.

      Impact

      The vulnerability affects the following Fortinet Fortigate versions:

      • FortiOS 7.4 (versions 7.4.0 through 7.4.2) - Upgrade to 7.4.3 or above
      • FortiOS 7.2 (versions 7.2.0 through 7.2.6) - Upgrade to 7.2.7 or above
      • FortiOS 7.0 (versions 7.0.0 through 7.0.13) - Upgrade to 7.0.14 or above
      • FortiOS 6.4 (versions 6.4.0 through 6.4.14) - Upgrade to 6.4.15 or above
      • FortiOS 6.2 (versions 6.2.0 through 6.2.15) - Upgrade to 6.2.16 or above
      • FortiOS 6.0 (versions 6.0 all versions) - Migrate to a fixed release

      Attackers can execute arbitrary code or commands against unpatched devices, gaining a foothold into the network. From there the attacker would be able to conduct further exploitation and potentially move around the network. Corvus has observed similar vulnerabilities lead to ransomware incidents. Impacted organizations should apply a security patch immediately.

      Next Steps

      • Ensure you are running the latest available fixed version of FortiOS.
      • If you aren’t able to patch right away, the only available workaround is to disable SSL VPN (disabling webmode is NOT a valid workaround).