Fortinet has issued an update in response to the revelation of a vulnerability that could enable unauthenticated remote code execution on endpoint devices. It is a heap-based buffer overflow bug, CVE-2023-27997. When this flaw is exploited, unauthenticated users could potentially be able to remotely crash devices and even run code.

Fortinet

The vulnerability is mostly caused by FortiGate’s SSL VPN features. SSL VPNs play a key role in offering secure remote access to a company’s network. The vulnerability might, however, be exploited to break this secure channel, having severe effects on the network’s security integrity. Through carefully prepared requests, SSL-VPN may enable a remote attacker to carryout arbitrary code or commands.

In response to the vulnerability, Fortinet released remedies for it in versions 7.2.5, 7.0.12, 6.4.13, 6.2.15, and 6.0.17. To ensure the security of their networks, users are strongly recommended to update their systems to these versions.

It is still unknown if this vulnerability has been used in the wild by hackers. However, the quick identification and response highlight the significance of continual watchfulness in cybersecurity.

Affected Products

FortiOS-6K7K version 7.0.10
FortiOS-6K7K version 7.0.5
FortiOS-6K7K version 6.4.12
FortiOS-6K7K version 6.4.10
FortiOS-6K7K version 6.4.8
FortiOS-6K7K version 6.4.6
FortiOS-6K7K version 6.4.2
FortiOS-6K7K version 6.2.9 through 6.2.13
FortiOS-6K7K version 6.2.6 through 6.2.7
FortiOS-6K7K version 6.2.4
FortiOS-6K7K version 6.0.12 through 6.0.16
FortiOS-6K7K version 6.0.10
FortiProxy version 7.2.0 through 7.2.3
FortiProxy version 7.0.0 through 7.0.9
FortiProxy version 2.0.0 through 2.0.12
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions
FortiOS version 7.2.0 through 7.2.4
FortiOS version 7.0.0 through 7.0.11
FortiOS version 6.4.0 through 6.4.12
FortiOS version 6.2.0 through 6.2.13
FortiOS version 6.0.0 through 6.0.16

Solutions

Upgrade to FortiOS-6K7K version 7.0.12 or above
Upgrade to FortiOS-6K7K version 6.4.13 or above
Upgrade to FortiOS-6K7K version 6.2.15 or above
Upgrade to FortiOS-6K7K version 6.0.17 or above
Upgrade to FortiProxy version 7.2.4 or above
Upgrade to FortiProxy version 7.0.10 or above
Upgrade to FortiOS version 7.4.0 or above
Upgrade to FortiOS version 7.2.5 or above
Upgrade to FortiOS version 7.0.12 or above
Upgrade to FortiOS version 6.4.13 or above
Upgrade to FortiOS version 6.2.14 or above
Upgrade to FortiOS version 6.0.17 or above

Workaround

Disable SSL-VPN

In order to protect your business, employees, and IT infrastructure you must take a proactive approach. Through the use of Layered Security Strategy, our experts can ensure that your assets are properly protected and secure. Reach out to us if you’d like to learn more by using the information below!

If in this process you discover you have been compromised or that you need assistance upgrading your FortiOS, please contact us or call us immediately at 502-240-0404 so we can help you stop any nefarious attack.