In a recent discovery, security experts have identified a potential vulnerability affecting approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems. The flaw, known as CVE-2024-21762, poses a critical risk, allowing attackers to execute code without authentication.
The Cyber Defense Agency of America (CISA) has confirmed reports of active exploitation of this vulnerability, prompting immediate action from cybersecurity professionals worldwide.
Following the disclosure of CVE-2024-21762, The Shadowserver Foundation conducted scans revealing the presence of nearly 150,000 vulnerable devices globally. However, proactive measures such as applying mitigations or upgrading systems may have reduced the actual number of affected devices.
With a severity score of 9.8 according to NIST, the vulnerability leaves systems susceptible to remote attacks through specially crafted HTTP requests. The majority of vulnerable devices, over 24,000, have been identified in the United States, with notable numbers also in India, Brazil, and Canada.
While details regarding threat actors exploiting CVE-2024-21762 remain limited, cybersecurity agencies urge organizations to remain vigilant and take necessary precautions. Companies can assess their vulnerability status using a Python script developed by BishopFox, a leading offensive security company.
Fortinet’s FortiOS serves as the backbone for a range of security solutions, offering protection against various threats including denial-of-service attacks, intrusion prevention, and firewall services. Similarly, FortiProxy provides robust security features against web and DNS-based threats, incorporating antivirus, intrusion prevention, and client browser isolation.
In response to the identified vulnerability, Fortinet swiftly addressed the issue, emphasizing the importance of ongoing vigilance and proactive security measures within the cybersecurity community.
As efforts to secure vulnerable systems continue, cybersecurity experts stress the significance of timely updates and proactive monitoring to safeguard against emerging threats in an ever-evolving digital landscape. Stay tuned for further updates on this developing story.
Interesting Article : Critical VPN Vulnerability in Cisco Secure Client: CVE-2024-20337
Pingback: CHAVECLOAK: Shielding Against Trojan Targeting Brazilians