Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Contributor III
‎02-10-2024 04:20 AM
‎02-10-2024 04:20 AM

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Dear all,

 

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.

The flaw (tracked as CVE-2024-21762 / FG-IR-24-015) received a 9.6 severity rating and is an out-of-bounds write vulnerability in FortiOS that allows unauthenticated attackers to gain remote code execution (RCE) via maliciously crafted requests.

 

New Fortinet RCE flaw in SSL VPN likely exploited in attacks (bleepingcomputer.com)

 

 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | SAA-C03 | CCSM | CISSP | PMP
Reply
2 Replies
Early_Adopter
Community Champion
‎02-10-2024 06:59 AM
‎02-10-2024 06:59 AM

Ouch.

Big issue with these admittedly impressive multi-function god boxes is that it gets harder to cover everything. RCE is a real oversight.
Reply
Kyaw_Myo_Oo
Contributor III
‎02-10-2024 10:02 AM
‎02-10-2024 10:02 AM

Thanks for sharing your thoughts and views @Early_Adopter .

 

 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | SAA-C03 | CCSM | CISSP | PMP
Reply