What is the critical vulnerability affecting Fortinet's FortiOS and FortiProxy?

The critical vulnerability affecting Fortinet's FortiOS and FortiProxy is tracked as CVE-2024-21762, with a severity score of 9.8. It has been patched more than a month ago, yet recent scans have detected approximately 150,000 systems still exposed.

How many devices are still at risk due to CVE-2024-21762?

Despite Fortinet's efforts to patch the vulnerability, The Shadowserver Foundation reported finding nearly 150,000 devices still at risk. Some of these systems may have other mitigating measures in place, but the number of vulnerable systems remains in the tens of thousands.

Which countries have the highest number of vulnerable devices?

The distribution of vulnerable devices is global, with the United States having over 24,000 exposed devices, followed by India, Brazil, and Canada.

Why is patching these vulnerabilities considered difficult?

Patching is considered difficult due to it being tedious, requiring massive effort, especially in distributed networks. It's risky, often can't be done during work hours, is subject to constant postponing due to business priorities, and companies often suffer from too much optimism regarding their security posture.

What are the recommended measures to mitigate cybersecurity risks?

Patching discipline, together with MFA (Multi-Factor Authentication) enforcement, are the two best controls against most cybersecurity risks. Despite the challenges, embracing the necessary steps to secure systems is crucial.

Knowledge

Patching still a huge problem - 150k unpatched Fortinet devices on 1 month old critical flaw

published: March 8, 2024

Take action: Embrace the suck, and patch. Patching discipline together with MFA enforcement are the two best controls to most cybersecurity risks.

Learn More

Recent web scans have detected that approximately 150,000 systems utilizing Fortinet's FortiOS and FortiProxy secure web gateway are still exposed to a critical vulnerability tracked as CVE-2024-21762. The vulnerability, with a critical severity score of 9.8 has been reported and patched more tha a month ago.

Despite Fortinet's efforts to address the vulnerability, The Shadowserver Foundation reported finding nearly 150,000 devices still at risk. Shadowserver notest that some other mitigating measure may be in place for some systems. But the number of vulnarable systems is still in the tens of thousands.

The distribution of vulnerable devices is global, with the United States over 24,000, followed by India, Brazil, and Canada.

Unfortunately, patching is a significant overhead that nobody wants to take up: It's tedious and requires masive effort - especially in distributed networks, it's risky, most of it can't be done during the work day, is subject to constant postponing because of business priorities and finally, companies are suffering from too much optimism.

Yet patching discipline together with MFA enforcement are the two best controls to most cybersecurity risks. Embrace the suck, and patch.

Patching still a huge problem - 150k unpatched Fortinet devices on 1 month old critical flaw

Read More
CISA and FBI release detailed exploit chain of …
State of (in)security - Week 51, 2024
State of (in)security - Week 34, 2024
State of (in)security - Week 6, 2024
State of (in)security - Week 32, 2023