Fortinet Remote Code Execution Vulnerability (CVE-2023-27997)

A critical Remote Code Execution vulnerability (CVE-2023-27997) was identified in FortiOS and FortiProxy SSL-VPN recently which may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

Fortinet has released the patches to remediate the vulnerability and strongly recommends customers to apply the update IMMEDIATELY.

 

Vulnerabilities

  • Remote Code Execution Vulnerability (CVE-2023-27997)
    • An unauthenticated attacker can execute arbitrary code or commands via specifically crafted requests, and successfully exploit the vulnerability to interfere via the VPN without logging in, even when MFA is activated.

 

Severity Level

  • Critical

 

Affected Systems

  • FortiOS-6K7K:
    • 7.0.5, 7.0.10,
    • 6.4.12, 6.4.10, 6.4.8, 6.4.6, 6.4.2,
    • 6.2.9 through 6.2.13, 6.2.6 through 6.2.7, 6.2.4,
    • 6.0.12 through 6.0.16, 6.0.10
  • FortiOS:
    • 7.2.0 through 7.2.4,
    • 7.0.0 through 7.0.11,
    • 6.4.0 through 6.4.12,
    • 6.0.0 through 6.0.16
  • FortiProxy:
    • 7.2.0 through 7.2.3,
    • 7.0.0 through 7.0.9,
    • 2.0.0 through 2.0.12,
    • 1.2 all versions,
    • 1.1 all versions

 

Remediation

  • Please apply the latest update patches in your department devices immediately.

 

Reference

 

Enquiry

 

 

Published on: 13 Jun 2023