CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2024-21762

CVSS 9.8v3.1pub. 2024-02-09upd. 2025-10-24

A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests

🤖 AI Analysis
How it works

The error consists of writing data outside the boundaries of an allocated buffer (CWE-787 — out-of-bounds write) in components handling network requests. An attacker sends specially crafted requests to the vulnerable device, leading to memory corruption and hijacking of code execution flow. The attack vector is network-based, requires no privileges or user interaction, making the vulnerability exceptionally easy to exploit.

Impact

An attacker can execute arbitrary code or system commands on the vulnerable device from the network, gaining full control over the firewall or proxy, including access to configurations, network data, and infrastructure behind the device.

Mitigation & patch

Patches available from the vendor must be applied immediately in accordance with the official Fortinet security bulletin (FG-IR-24-015) available at https://fortiguard.com/psirt/FG-IR-24-015. Devices with management interface exposed to the Internet should be updated with priority or temporarily isolated from external networks.

Who is affected

Fortinet FortiOS: 7.4.0–7.4.2, 7.2.0–7.2.6, 7.0.0–7.0.13, 6.4.0–6.4.14, 6.2.0–6.2.15, 6.0.0–6.0.17. Fortinet FortiProxy: 7.4.0–7.4.2, 7.2.0–7.2.8, 7.0.0–7.0.14, 2.0.0–2.0.13, 1.2.0–1.2.13, 1.1.0–1.1.6, 1.0.0–1.0.7.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fortinet FortiOS

    OS
    Fortinet
    7.4.0 – 7.4.3 (bez)6.2.0 – 6.2.16 (bez)6.4.0 – 6.4.15 (bez)7.0.0 – 7.0.14 (bez)7.2.0 – 7.2.7 (bez)6.0.0 – 6.0.18 (bez)
  • Fortinet Fortiproxy

    APP
    Fortinet
    7.0.0 – 7.0.15 (bez)7.2.0 – 7.2.9 (bez)7.4.0 – 7.4.3 (bez)1.0.0 – 2.0.14 (bez)

CISA KEV — detailsi

Vendori
Fortinet
Producti
FortiOS
Added to KEVi
February 9, 2024
Remediation deadline (US Federal)i
February 16, 2024(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 16 lutego 2024
Tags
MemoryFirewall
CWE
References

Related vulnerabilities

CVE-2026-24858CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach

CVE-2025-59718CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Fortinet FortiOS/FortiProxy/FortiSwitchManager — Auth Bypass przez SAML

CVE-2024-55591CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Authentication Bypass w FortiOS i FortiProxy — przejęcie uprawnień super-admin

CVE-2024-23113CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Krytyczna podatność format string RCE w Fortinet FortiOS, FortiProxy i FortiSwitchManager

CVE-2023-27997CRITICAL9.8⚠ KEVten sam produkt

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and be...