Fortinet Issues Alert for Critical Zero-Day Vulnerability in FortiOS

Tech heads and cybersecurity buffs, take note: Fortinet, a leader in broad, integrated, and automated cybersecurity solutions, has issued a critical patch for a zero-day vulnerability in its FortiOS system, which is believed to be under active exploitation. The security flaw in question, identified as CVE-2024-21762, is an out-of-bounds write in the sslvpnd component, affecting versions 6.0 through 7.4 of FortiOS.

In layman’s terms, this vulnerability could let a hacker who’s not even authenticated send a specially crafted HTTP request to run arbitrary code – a major security red flag. Fortinet’s advisory, released on Thursday, strongly advises users to update their systems to the patched versions to avoid any nasty surprises.

While the company hasn’t spilled the beans on who might be exploiting this vulnerability or how widespread the attacks are, it’s clear they’re taking no chances by sounding the alarm.

And that’s not all – Fortinet has also patched up three other vulnerabilities, including another critical one in the fgfmd daemon, part of the FortiGate FortiManager, which is on by default. This one, tagged as CVE-2024-23113, could also allow attackers to remotely execute code if they send the right (or in this case, wrong) kind of request.

For those running FortiOS 7.0, 7.2, and 7.4, a temporary fix is to disable fgfm access, which will stop the FortiGate from being discovered by the FortiManager but won’t interrupt existing connections. However, Fortinet warns that limiting FGFM connections to a specific IP as a local-in policy might reduce risk but won’t fully eliminate it. So this should only be seen as a band-aid, not a permanent solution.

Bottom line: If you’re using Fortinet’s FortiOS, it’s time to patch up and stay secure. In the world of cybersecurity, it’s better to be safe than sorry.