Another 1,485 devices are currently vulnerable to a previously discovered flaw in FortiOS. That is more than in the Netherlands.

In Belgium, 1,485 devices are affected by the CVE-2024-21762 vulnerability. This is a critical flaw in FortiOS that allows attackers to execute malicious code on Fortinet security devices via HTTP packets. FortiOS is the operating system for this Safety fabric from Fortinet and thus drives the security specialist’s entire ecosystem. This error specifically affects the SSL VPN functionality of the operating system.

Many weak points in Belgium

The bug was discovered and fixed at the beginning of the year. Luckily, at the beginning of February it became clear that hackers were actively exploiting the vulnerability. However, around 150,000 devices worldwide have not yet received the necessary updates. In our country, according to ShadowServer, about 1,485 IP addresses are linked to the vulnerability. Such an IP address represents a vulnerable device, although there is a possibility that administrators did not install the updates but instead temporarily used an alternative mitigation method.

What is striking is that the Netherlands is less vulnerable than our country, with 1,140 IPs at risk. The much larger United Kingdom has “only” 1,746 verifiable vulnerable IP addresses across its digital territory. In other words, our country is not doing well: administrators are not installing the necessary patches, despite the severity of the error. Most of the vulnerable devices (around 24,000) are in the USA, but in absolute terms there is of course a lot more Fortinet hardware.

The following versions of FortiOS are vulnerable: