Rewterz Threat Alert – DarkCrystal RAT aka DCRat – Active IOCs
February 9, 2024Rewterz Threat Update – Android XLoader Malware Can Now Execute Automatically upon Installation
February 9, 2024Rewterz Threat Alert – DarkCrystal RAT aka DCRat – Active IOCs
February 9, 2024Rewterz Threat Update – Android XLoader Malware Can Now Execute Automatically upon Installation
February 9, 2024Severity
High
Analysis Summary
CVE-2024-21762
Fortinet FortiOS could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in sslvpnd. By sending specially crafted HTTP requests, an attacker could exploit this vulnerability to execute arbitrary code or commands on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2024-21762
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiOS 6.0.0
- Fortinet FortiOS 7.2.0
- Fortinet FortiOS 7.0.0
- Fortinet FortiOS 6.4.0
- Fortinet FortiOS 6.2.0
- Fortinet FortiOS 7.4.0
- Fortinet FortiOS 6.2.15
- Fortinet FortiOS 6.4.14
- Fortinet FortiOS 7.0.13
- Fortinet FortiOS 7.2.6
- Fortinet FortiOS 7.4.2
Remediation
Refer to FortiGuard Website for patch, upgrade, or suggested workaround information.