PTA Issues Alert Against Massive Security Flaw in Fortinet Devices

The Pakistan Telecommunication Authority (PTA) has issued a Cyber Security Advisory regarding a critical vulnerability identified in Fortinet devices. This security flaw, labeled CVE-2024-21762, affects Fortinet’s FortiOS and FortiProxy secure web gateway systems.

The vulnerability allows unauthenticated remote code execution (RCE) and stems from improper limitation of a pathname to a restricted directory.

Classified as a Remote Code Execution (RCE) threat with an arbitrary code execution attack vector, this vulnerability poses a significant risk. The affected software includes FortiOS, FortiProxy, FortiSwitchManager, and FortiAnalyzer. With approximately 150,000 devices impacted globally, the advisory underscores the high-stakes nature of this security issue.

The Pakistan Telecommunication Authority has urged immediate action, recommending the application of patches to mitigate the risk. As a temporary measure, Fortinet suggests disabling the HTTP/HTTPS administrative interface or restricting IP access to trusted hosts. However, the PTA emphasizes the importance of applying official patches to fully address the vulnerability.

The PTA has advised organizations to monitor for any unusual activity and ensure that updates are applied promptly. Regular checks of Fortinet’s official advisory page for the latest information and updates are crucial. In case of any security incidents, organizations should report through the PTA CERT Portal and via email to ensure swift response and mitigation.


  • So, this issue is occurring with Fortinet devices used in Pakistan. What about the rest of the world? I believe Fortinet deployments in Pakistan are much fewer compared to the rest of the world. There must be some angle or manipulation behind this news.

