Fortinet Remote Code Execution Vulnerability (CVE-2023-33308)

A critical Remote Code Execution vulnerability (CVE-2023-33308) was discovered in FortiOS and FortiProxy products recently which may allow a remote attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.

Fortinet has released the patches to remediate the vulnerability and strongly recommends customers to apply the update IMMEDIATELY.



  • Remote Code Execution Vulnerability (CVE-2023-33308)


Severity Level

  • Critical


Affected Systems

  • FortiOS version 7.2.0 through 7.2.3
  • FortiOS version 7.0.0 through 7.0.10
  • FortiProxy version 7.2.0 through 7.2.2
  • FortiProxy version 7.0.0 through 7.0.9









Published on: 20 Jul 2023