Home > Security Bulletins > Fortigate SSL-VPN Critical Vulnerabiliy – CVE-2023-27997

Fortigate SSL-VPN Critical Vulnerabiliy – CVE-2023-27997

Fortinet Critical Pre-Authentication RCE Vulnerability

Request an audit

12th June 2023 (Updated 13th June 2023)

Fortinet Critical Pre-Authentication RCE Vulnerability

Fortinet has released patches for a ‘pre-authentication’ remote code execution vulnerability in Fortigate SSL-VPN. Fortinet’s bulletin is now available.

CVE-2023-27997 (CVSS 3.1: 9.2 – Critical) is a heap-based buffer overflow vulnerability in FortiOS and FortiProxy SSL-VPN. The researchers at Lexfo Securite discovered the vulnerability and announced it on Twitter.

The vulnerability allows a “hostile agent to interfere via the VPN, even if MFA is enabled.” per Olympe CyberDefense.

The following is confirmed by Fortinet:

Affected Products

  • FortiOS-6K7K versions:
    • < 7.0.12
    • < 6.4.13
    • < 6.2.15
    • < 6.0.17
  • FortiProxy versions:
    • < 7.2.4
    • < 7.0.10
  • FortiOS versions:
    • < 7.4.0
    • < 7.2.5
    • < 7.0.12
    • < 6.4.13
    • < 6.2.14
    • < 6.0.17

Recommendations

Our recommendation in this case is to patch immediately. Fortinet rushed to released patches for this vulnerability, showing its criticality.