Threat Alert 09/02/2024: CVE-2024-21762 and CVE-2024-23113 Emergency Threat Advisory – Critical FortiOS Vulnerabilities


This is an emergency threat advisory to make you aware of the recent discovery of two critical vulnerabilities in FortiOS SSL VPN and FortiOS fgfm daemon.

CVE-2024-21762 is a critical vulnerability affecting FortiOS SSL VPN that when exploited allows unauthenticated attackers to gain remote code execution via maliciously crafted requests.

CVE-2024-23113 is a critical vulnerability affecting FortiOS, which allows use of externally controlled format string vulnerability in FortiOS fgfmd daemon, that may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

Fortinet is warning that the SSL VPN critical vulnerability is potentially being exploited in attacks. Attacks against the second critical vulnerability have not been observed yet.

To patch the above bugs, Fortinet recommends upgrading to one of the latest versions based on this table:

FortiOS 7.6Not affectedNot Applicable
FortiOS through 7.4.2Upgrade to 7.4.3 or above
FortiOS through 7.2.6Upgrade to 7.2.7 or above
FortiOS through 7.0.13Upgrade to 7.0.14 or above
FortiOS through 6.4.14Upgrade to 6.4.15 or above
FortiOS through 6.2.15Upgrade to 6.2.16 or above
FortiOS 6.06.0 all versionsMigrate to a fixed release

If you are unable to apply the above patches, mitigation is also achieved by disabling the SSL VPN and the WAN interface entirely on your FortiOS device. However, Fortinet has advised that disabling webmode is NOT a valid workaround.

For further information regarding this vulnerability please see Fortinet FortiGuard Labs:

CVE-2024-23113 – PSIRT | FortiGuard (

CVE-2024-21762 – PSIRT | FortiGuard (

For assistance regarding an upgrade path, see Fortinet Upgrade Tool: Upgrade Tool | Fortinet (

Get norm.’s threat bulletin direct to your inbox

norm. tracks and monitors the latest security trends and cyber threats and collates these into a fortnightly threat bulletin.

You can receive this bulletin for free, every fortnight, by entering your business email address below: