New Fortinet VPN RCE Vulnerability Uncovered: Apply Patch Immediately

Home/BOTNET, Exploitation, Internet Security, Mobile Security, Security Advisory, Security Update, vulnerability/New Fortinet VPN RCE Vulnerability Uncovered: Apply Patch Immediately

New Fortinet VPN RCE Vulnerability Uncovered: Apply Patch Immediately

Fortinet has issued a warning regarding a critical vulnerability found in its FortiOS SSL VPN system, which could be actively exploited by attackers. This vulnerability within Fortinet’s network security solutions poses a significant threat to organizations, as it enables unauthenticated attackers to obtain remote code execution (RCE) capabilities through maliciously crafted requests.


This vulnerability, labeled as CVE-2024-21762 / FG-IR-24-015, presents a significant risk with a CVSS rating of 9.6 due to its susceptibility to exploitation in cyber-attacks. At the core of this alert is an out-of-bounds write vulnerability within the FortiOS system. This flaw enables unauthenticated attackers to execute remote code through carefully crafted requests.

The significant attention surrounding this new vulnerability is amplified by the widespread use of Fortinet networking solutions and the severity of the vulnerability itself. Beyond these factors, Remote Code Execution (RCE) flaws have the potential to result in system compromise and data theft. In more severe cases, they can trigger ransomware or espionage attacks, leading to company-wide cyberattacks, downtimes, data leaks, and associated disruptions.

This critical flaw was disclosed alongside other vulnerabilities, including CVE-2024-23113, which holds an even higher severity rating of 9.8, and two medium-severity flaws, CVE-2023-44487 and CVE-2023-47537. However, unlike CVE-2024-21762, these additional vulnerabilities are not currently identified as actively exploited in the wild.

The disclosure of this vulnerability follows previous incidents where Chinese state-sponsored threats, specifically Volt Typhoon, have exploited FortiOS vulnerabilities. The utilization of custom malware like Coathanger, a remote access trojan (RAT), indicates adversaries’ determination to exploit such vulnerabilities. Notably, this malware has been employed in attacks targeting the Dutch Ministry of Defense, underscoring the significant threat posed by such malicious activity.

Still, as statistics show, the majority of exploitation cases happen after the vulnerability is publicly disclosed. Therehence, the best option will be to patch the flaw as soon as possible. Fortunately, the developer already offers the fixes for CVE-2024-21762.


Fortinet’s released patch brings affected FortiOS systems up-to-date, effectively addressing the vulnerability and thwarting potential exploitation by attackers. Fortinet advises upgrading according to the following table:

FortiOS 7.6Not affectedNot Applicable
FortiOS through 7.4.2Upgrade to 7.4.3 or above
FortiOS through 7.2.6Upgrade to 7.2.7 or above
FortiOS through 7.0.13Upgrade to 7.0.14 or above
FortiOS through 6.4.14Upgrade to 6.4.15 or above
FortiOS through 6.2.15Upgrade to 6.2.16 or above
FortiOS 6.06.0 all versionsMigrate to a fixed release

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!