Critical FortiOS & FortiProxy pre-authentication heap-based buffer overflow vulnerability in SSL-VPN
Fortinet has released a security update to address CVE-2023-27997, a Critical vulnerability in FortiOS and FortiProxy SSL-VPN devices
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Fortinet has released a security update to address a Critical severity vulnerability in FortiOS and FortiProxy SSL-VPN devices.
The Critical severity vulnerability, tracked as CVE-2023-27997, is a heap-based buffer overflow in the SSL-VPN component that could allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.
Evidence of exploitation
Where organisations have found evidence of compromise they should call 0300 303 5222 or email [email protected] immediately.
Fortinet have warned, in an additional PSIRT blog, that CVE-2023-27997 may have been exploited "in a limited number of cases".
VPN appliances are often internet-facing by design and frequent targets for exploitation by cyber threat groups. Previous Fortinet SSL-VPN vulnerabilities have been exploited in the wild within days of official disclosure.
Remediation advice
Affected organisations are required to review Fortinet PSIRT Advisory FG-IR-23-097 and apply the relevant security updates as soon as possible.
Last edited: 13 June 2023 9:07 am