Fortinet has identified a vulnerability, CVE-2023-27997, in its FortiGate firewalls that could be leveraged maliciously to gain remote code execution capability.
This issue has been found on every SSL VPN appliance, but the details of the security flaw are shrouded in mystery until Fortinet publishes an official advisory. Fortunately, the vulnerability has been addressed in several versions of the platform, including 6.2.15, 6.4.13, 7.0.12, and 7.2.5.
What FortiOS Versions Are Affected by CVE-2023-27997?
According to the official description, CVE-2023-27997 is a heap-based buffer overflow vulnerability in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1, all versions SSL-VPN.
The vulnerability may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests, as per MITRE’s description.
As attacks on Fortinet products are becoming increasingly commonplace, customers and users of these firewalls should apply the fixes as soon as possible to guard against potential threats.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: