1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Fortinet FortiOS Out-of-Bound Write Vulnerability

Known Exploited Vulnerabilities CVE-2024-21762

A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2024-21762 Fortinet FortiOS Out-of-Bound Write Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This vulnerability allows adversaries to execute arbitrary code via specially crafted http requests that trigger an out of bounds write. Threat actors have been observed implementing a symbolic link, left behind to maintain read-only access to impacted devices.
References
  1. https://www.tenable.com/blog/cve-2024-21762-critical-fortinet-fortios-out-of-bound-write-ssl-vpn-vulnerability
  2. https://github.com/h4x0r-dz/CVE-2024-21762
  3. https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity
CVE-2024-21762 Fortinet FortiOS Out-of-Bound Write Vulnerability primary_impact T1574 Hijack Execution Flow
Comments
This vulnerability allows adversaries to execute arbitrary code via specially crafted http requests that trigger an out of bounds write. Threat actors have been observed implementing a symbolic link, left behind to maintain read-only access to impacted devices.
References
  1. https://www.tenable.com/blog/cve-2024-21762-critical-fortinet-fortios-out-of-bound-write-ssl-vpn-vulnerability
  2. https://github.com/h4x0r-dz/CVE-2024-21762
  3. https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity
CVE-2024-21762 Fortinet FortiOS Out-of-Bound Write Vulnerability secondary_impact T1547.009 Shortcut Modification
Comments
This vulnerability allows adversaries to execute arbitrary code via specially crafted http requests that trigger an out of bounds write. Threat actors have been observed implementing a symbolic link, left behind to maintain read-only access to impacted devices.
References
  1. https://www.tenable.com/blog/cve-2024-21762-critical-fortinet-fortios-out-of-bound-write-ssl-vpn-vulnerability
  2. https://github.com/h4x0r-dz/CVE-2024-21762
  3. https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity