12 June 2023 - Critical security vulnerability in Fortigate SSL-VPN

A security vulnerability has been reported today (12 June 2023) on Fortigate SSL VPN firewalls. The vulnerability number is CVE-2023-27997 and it has a score of 9.2 on a scale of 1 to 10, so it is a critical vulnerability.

This vulnerability is linked to a buffer overflow, and its exploitation can enable an attacker to execute remote commands on the attacked system. Note that the attacker does not need to be authenticated to exploit the vulnerability.

Vulnerable versions

Here is the list of vulnerable Fortinet systems.

Urgent action required

Due to the possibility of exploiting this vulnerability remotely without authentication, an immediate update is strongly recommended. Note that this vulnerability can be exploited even if you use multi-factor authentication (MFA).

Mitigation

To fix the vulnerability, you need to migrate to the latest versions of FortiOS. For details, please consult this link.

Vulnerability exploitation status

We are following the evolution of the vulnerability. We have done research and as of today, we confirm that no attack exploit for this vulnerability is available for free download. This reduces the possibility of mass exploitation of the vulnerability. But you must act quickly, as exploits could be available in the coming days or months.

Response measures taken by Streamscan

Our MDR security monitoring team maintains 24/7 vigilance in monitoring the security of your network.

How can Streamscan help?

Cyber attacks are exploding all the time. Without continuous security monitoring, you're completely blind to the attacks targeting you. You can't defend against what you can't see.

Let us put our eyes on your network. Join our MDR managed monitoring platform powered by our CDS cyberthreat detection technology and protect yourself from cyberattacks.