Experts from The Shadowserver Foundation have issued a warning that approximately 150,000 Fortinet FortiOS and FortiProxy devices remain susceptible to the critical vulnerability CVE-2024-21762, which was identified and rectified last month. This flaw allows for unauthenticated code execution.
It’s worth noting that the CVE-2024-21762 vulnerability scored 9.6 on the CVSS scale. This bug in FortiOS is associated with an out-of-bounds write issue, enabling unauthorized attackers to remotely execute arbitrary code by sending specially crafted HTTP requests to vulnerable machines.
Last month, specialists from the Cybersecurity and Infrastructure Security Agency (CISA) in the US added CVE-2024-21762 to their
As reported by analysts from The Shadowserver Foundation, around 150,000 devices vulnerable to this recent bug can still be found online. The majority of these (over 24,000) are located in the USA, with a significant number also detected in India, Brazil, and Canada.
Researchers remind administrators that they can check if their systems are vulnerable to this issue by using a special