CVSS 3.1 Score 9.8 of 10 (high)


Published Feb 9, 2024
Updated: Feb 13, 2024
CWE ID 787


The vulnerability with the CVE ID CVE-2024-21762 affects multiple products including Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, and 7.0.0 through 7.0.13, as well as FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, and others listed in the affected_products field of the description. This vulnerability allows an attacker to execute unauthorized code or commands by sending specifically crafted requests, which can result in high-risk consequences such as unauthorized access or control over affected systems and potential data breaches or system compromise for organizations using these products. To remediate this vulnerability, affected organizations should update their Fortinet FortiOS and FortiProxy products to the latest available versions provided by the vendor (Fortinet). It is crucial to promptly apply security patches and updates to address this issue and mitigate the risks associated with it. The severity rating assigned to this vulnerability is CRITICAL, with a base score of 9.8 according to CVSS version 3.1 metrics provided by [email protected] as the source of this information. It is important for organizations to be aware of this vulnerability and take immediate action to protect their systems by applying the necessary updates or patches provided by Fortinet in order to minimize potential risks and secure their networks from potential exploitation attempts associated with this vulnerability.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21762 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options