Unrated severityCISA KEVNVD Advisory· Published Feb 9, 2024· Updated Oct 21, 2025
CVE-2024-21762
CVE-2024-21762
Description
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
Affected products
4>=1.0.0, <=7.4.2+ 1 more
- (no CPE)range: >=1.0.0, <=7.4.2
- (no CPE)range: 7.4.0
Patches
Vulnerability mechanics
References
1News mentions
6- New SharkLoader Malware Deploys Cobalt Strike in StrikeShark CyberattacksThe Hacker News · Jun 26, 2026
- StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoaderSecurelist · Jun 24, 2026
- Operation Escaneo Signals Shift in LatAm Threat LandscapeDark Reading · Jun 18, 2026
- LATAM Infrastructure Hit by Fortinet and Ivanti ExploitsInfosecurity Magazine · Jun 18, 2026
- Russian Threat Groups Use RDP, VPN, Supply Chain Attacks, and Social Engineering for Initial AccessCyber Security News · May 22, 2026
- Ransomware Tactics, Techniques, and Procedures in a Shifting Threat LandscapeMandiant Threat Intelligence · Mar 16, 2026