Fortinet warns about a new critical vulnerability in FortiOS SSL VPN that could be used in attacks. The flaw, known as CVE-2024-21762 / FG-IR-24-015, has a severity rating of 9.6.
It is an out-of-bounds write vulnerability in FortiOS. This vulnerability enables unauthenticated attackers to execute remote code by using malicious requests.
Apple has issued an urgent security advisory about 3 critical zero-day vulnerabilities—CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085—that are being actively exploited in...
Canon has announced a critical security vulnerability, CVE-2025-1268, in printer drivers for its production printers, multifunction printers, and laser printers....
Cybersecurity researcher Jeremiah Fowler recently revealed a sensitive data exposure involving the Australian fintech company Vroom by YouX, previously known...
Upgrade to the latest version indicated in the following table to fix the bug, as recommended by Fortinet:
Source: Bleeping computer
To protect against the vulnerability, disable SSL VPN on your FortiOS devices.
This flaw was disclosed today along with CVE-2024-23113 (Critical/9.8 rating), CVE-2023-44487 (Medium), and CVE-2023-47537 (Medium). However, these flaws are not marked as being exploited in the wild.