Vulnerabilities

CVE-2023-27997: FortiOS & FortiProxy Heap Buffer Overflow in SSL-VPN Pre-Authentication

This advisory is for organizations that use FortiOS or FortiProxy. If your organization does not run either product, this notification may be discarded.

Last week (June 2023), Fortinet released updates to address a security flaw in the FortiOS and FortiProxy SSL-VPN component. The weakness is a heap-based buffer overflow reachable before authentication, so a remote attacker with no credentials could send crafted requests to an exposed SSL-VPN listener and execute arbitrary code or commands on the device.

Summary

FortiOS and FortiProxy deployments are exposed when all three conditions hold: the device runs an unpatched version, SSL-VPN is enabled, and the SSL-VPN listener is reachable from the public internet. Because the flaw is pre-authentication, strong credentials and MFA do not reduce the risk; only patching, or disabling SSL-VPN until the patch is applied, does.

CVE-2023-27997 (CVSSv3 9.2, Fortinet's rating): FortiOS & FortiProxy heap buffer overflow in SSL-VPN pre-authentication

Fortinet has released a PSIRT advisory listing the affected and fixed versions for each FortiOS and FortiProxy release branch, and recommends that organizations apply the patches as soon as possible; the advisory also lists disabling SSL-VPN as a workaround until the upgrade is done. Check the running version against the fixed version for its branch rather than assuming a recent build is safe. https://www.fortiguard.com/psirt/FG-IR-23-097
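The three exposure conditions in the summary (unpatched build, SSL-VPN enabled, listener exposed) can be checked mechanically across a fleet. The script below is an added example written for this advisory, not Fortinet tooling: it parses the text output of two real FortiOS CLI commands, `get system status` and `show vpn ssl settings`, and reports whether a device is patched, unpatched but not listening, or exploitable. The minimum fixed versions in the `FIXED` table are my transcription of FG-IR-23-097 and must be confirmed against the advisory before use; the SSL-VPN "enabled" heuristic (bound to a source interface and not explicitly set to `status disable`) is an assumption about the config layout, and the sample CLI output is constructed.

```python
"""Triage helper for CVE-2023-27997 (FG-IR-23-097) exposure.

Added example, not Fortinet code. Parses `get system status` and
`show vpn ssl settings` output and compares the running version with the
minimum fixed release for its branch.
"""
import re

# ASSUMPTION: transcribed from FG-IR-23-097; verify against
# https://www.fortiguard.com/psirt/FG-IR-23-097 before relying on it.
# Branches absent from the table (e.g. FortiProxy 1.x) have no fixed
# release and must be migrated rather than patched.
FIXED = {
    "FortiOS": {
        (7, 2): (7, 2, 5),
        (7, 0): (7, 0, 12),
        (6, 4): (6, 4, 13),
        (6, 2): (6, 2, 14),
        (6, 0): (6, 0, 17),
    },
    "FortiProxy": {
        (7, 2): (7, 2, 4),
        (7, 0): (7, 0, 10),
        (2, 0): (2, 0, 13),
    },
}

# Matches e.g. "Version: FortiGate-100F v7.0.11,build0489,230314 (GA)"
VERSION_RE = re.compile(r"^Version:\s+(\S+)\s+v(\d+)\.(\d+)\.(\d+)", re.M)


def parse_version(status_output):
    """Return (model, (major, minor, patch)) from `get system status` text."""
    m = VERSION_RE.search(status_output)
    if not m:
        raise ValueError("no 'Version:' line found in get system status output")
    return m.group(1), tuple(int(x) for x in m.group(2, 3, 4))


def is_fixed(product, version):
    """True if the build is at or above the fixed release for its branch,
    False if it is below, None if the branch is not in FIXED (migrate)."""
    minimum = FIXED[product].get(version[:2])
    if minimum is None:
        return None
    return version >= minimum


def sslvpn_enabled(ssl_settings_output):
    """Heuristic read of `show vpn ssl settings` (ASSUMPTION about layout):
    enabled when bound to a source interface and not explicitly disabled."""
    explicitly_off = re.search(r"^\s*set status disable\b", ssl_settings_output, re.M)
    bound = re.search(r'^\s*set source-interface\s+"', ssl_settings_output, re.M)
    return bool(bound) and not explicitly_off


def triage(product, status_output, ssl_settings_output):
    """Combine version and SSL-VPN state into a single verdict."""
    model, version = parse_version(status_output)
    fixed = is_fixed(product, version)
    listening = sslvpn_enabled(ssl_settings_output)
    if fixed is None:
        verdict = "UNSUPPORTED branch: no fixed release, migrate"
    elif fixed:
        verdict = "patched"
    elif listening:
        verdict = "VULNERABLE: unpatched with SSL-VPN enabled, patch or disable SSL-VPN now"
    else:
        verdict = "unpatched but SSL-VPN not enabled, schedule the upgrade"
    return {"model": model, "version": version, "fixed": fixed,
            "sslvpn_enabled": listening, "verdict": verdict}


# Constructed sample output (not captured from a real device).
SAMPLE_STATUS = """Version: FortiGate-100F v7.0.11,build0489,230314 (GA)
Security Level: 1
Firmware Signature: certified
"""
SAMPLE_SSL = """config vpn ssl settings
    set servercert "Fortinet_Factory"
    set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1"
    set source-interface "wan1"
    set source-address "all"
    set port 10443
end
"""

if __name__ == "__main__":
    print(triage("FortiOS", SAMPLE_STATUS, SAMPLE_SSL))
```

Feed it the saved output of the two commands for each device (for example collected over SSH or from a FortiManager export) and act on any `VULNERABLE` verdict first; devices that come back `unpatched but SSL-VPN not enabled` should still be upgraded, because an administrator can re-enable the listener at any time.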

Additional Resources

https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-rce-flaw-in-fortigate-ssl-vpn-devices-patch-now/

https://www.thestack.technology/fortinet-vulnerability-vpn-cve-2023-27997/