Fortigate SSL-VPN Remote Code Execution vulnerability
A vulnerability has been discovered that affects FortiOS FortiGate devices with SSL-VPN enabled.
This heap-based buffer overflow vulnerability allows an attacker to run unauthorised code or commands remotely on the affected system, without authentication.
The vulnerability is tracked as CVE-2023-27997.
What to look for
How to tell if you're at risk
All FortiGate devices running FortiOS with SSL-VPN enabled are potentially at risk. The affected versions are:
- FortiOS-6K7K version 7.0.10
- FortiOS-6K7K version 7.0.5
- FortiOS-6K7K version 6.4.12
- FortiOS-6K7K version 6.4.10
- FortiOS-6K7K version 6.4.8
- FortiOS-6K7K version 6.4.6
- FortiOS-6K7K version 6.4.2
- FortiOS-6K7K version 6.2.9 through 6.2.13
- FortiOS-6K7K version 6.2.6 through 6.2.7
- FortiOS-6K7K version 6.2.4
- FortiOS-6K7K version 6.0.12 through 6.0.16
- FortiOS-6K7K version 6.0.10
- FortiProxy version 7.2.0 through 7.2.3
- FortiProxy version 7.0.0 through 7.0.9
- FortiProxy version 2.0.0 through 2.0.12
- FortiProxy 1.2 all versions
- FortiProxy 1.1 all versions
- FortiOS version 7.2.0 through 7.2.4
- FortiOS version 7.0.0 through 7.0.11
- FortiOS version 6.4.0 through 6.4.12
- FortiOS version 6.2.0 through 6.2.13
- FortiOS version 6.0.0 through 6.0.16
FortiSASE is no longer impacted; the issue was remediated in Q2/23.
What to do
Upgrade your devices running FortiOS to the latest version as soon as possible.
- upgrade to FortiOS-6K7K version 7.0.12 or above
- upgrade to FortiOS-6K7K version 6.4.13 or above
- upgrade to FortiOS-6K7K version 6.2.15 or above
- upgrade to FortiOS-6K7K version 6.0.17 or above
- upgrade to FortiProxy version 7.2.4 or above
- upgrade to FortiProxy version 7.0.10 or above
- upgrade to FortiProxy version 2.0.13 or above
- upgrade to FortiOS version 7.4.0 or above
- upgrade to FortiOS version 7.2.5 or above
- upgrade to FortiOS version 7.0.12 or above
- upgrade to FortiOS version 6.4.13 or above
- upgrade to FortiOS version 6.2.14 or above
- upgrade to FortiOS version 6.0.17 or above
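Checking a fleet of devices against the ranges above by eye is error-prone (the 6K7K list is a mix of single versions and ranges, and "6.4.9" is not listed while 6.4.8 and 6.4.10 are). The following added example, which is not part of the CERT NZ advisory or any Fortinet tooling, transcribes the affected ranges and minimum fixed releases from this page into a small checker: it parses a dotted version string, tests it against the inclusive ranges for the named product, and names the fixed release on the same branch. Product names, the `assess()` helper and the sample inventory are this example's own conventions; the "all versions" entries for FortiProxy 1.1/1.2 use a high sentinel of 999 as an assumption.

```python
"""Check FortiOS / FortiOS-6K7K / FortiProxy versions against the CVE-2023-27997
affected ranges and fixed releases listed in the advisory above (example code,
not Fortinet's or CERT NZ's own tooling)."""
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """'7.0.10' -> (7, 0, 10); tolerates a leading 'v' and surrounding whitespace."""
    text = text.strip().lstrip("vV")
    parts = text.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def _pad(v: Version, n: int = 3) -> Version:
    """Normalise to exactly n components (missing ones become 0, extras are ignored)."""
    return tuple(list(v) + [0] * (n - len(v)))[:n]


# Affected ranges transcribed from the advisory as inclusive (low, high) pairs.
# Single versions are written as (v, v). 999 is an assumed sentinel for "all versions".
AFFECTED: Dict[str, List[Tuple[Version, Version]]] = {
    "FortiOS": [
        ((7, 2, 0), (7, 2, 4)), ((7, 0, 0), (7, 0, 11)), ((6, 4, 0), (6, 4, 12)),
        ((6, 2, 0), (6, 2, 13)), ((6, 0, 0), (6, 0, 16)),
    ],
    "FortiOS-6K7K": [
        ((7, 0, 10), (7, 0, 10)), ((7, 0, 5), (7, 0, 5)),
        ((6, 4, 12), (6, 4, 12)), ((6, 4, 10), (6, 4, 10)), ((6, 4, 8), (6, 4, 8)),
        ((6, 4, 6), (6, 4, 6)), ((6, 4, 2), (6, 4, 2)),
        ((6, 2, 9), (6, 2, 13)), ((6, 2, 6), (6, 2, 7)), ((6, 2, 4), (6, 2, 4)),
        ((6, 0, 12), (6, 0, 16)), ((6, 0, 10), (6, 0, 10)),
    ],
    "FortiProxy": [
        ((7, 2, 0), (7, 2, 3)), ((7, 0, 0), (7, 0, 9)), ((2, 0, 0), (2, 0, 12)),
        ((1, 2, 0), (1, 2, 999)),  # "FortiProxy 1.2 all versions"
        ((1, 1, 0), (1, 1, 999)),  # "FortiProxy 1.1 all versions"
    ],
}

# Minimum fixed release per major.minor branch, from the "What to do" list above.
FIXED: Dict[str, Dict[Tuple[int, int], Version]] = {
    "FortiOS": {(7, 2): (7, 2, 5), (7, 0): (7, 0, 12), (6, 4): (6, 4, 13),
                (6, 2): (6, 2, 14), (6, 0): (6, 0, 17)},
    "FortiOS-6K7K": {(7, 0): (7, 0, 12), (6, 4): (6, 4, 13), (6, 2): (6, 2, 15),
                     (6, 0): (6, 0, 17)},
    "FortiProxy": {(7, 2): (7, 2, 4), (7, 0): (7, 0, 10), (2, 0): (2, 0, 13)},
}


def is_affected(product: str, version_text: str) -> bool:
    """True if the version falls inside any affected range listed for the product."""
    if product not in AFFECTED:
        raise KeyError(f"unknown product {product!r}; expected one of {sorted(AFFECTED)}")
    v = _pad(parse_version(version_text))
    return any(_pad(low) <= v <= _pad(high) for low, high in AFFECTED[product])


def fixed_release(product: str, version_text: str) -> Optional[str]:
    """Minimum fixed release on the same branch, or None if the advisory lists none."""
    branch = _pad(parse_version(version_text))[:2]
    fix = FIXED[product].get(branch)
    return ".".join(map(str, fix)) if fix else None


def assess(product: str, version_text: str, ssl_vpn_enabled: bool = True) -> dict:
    """Combine the range check and fix lookup into one actionable record."""
    affected = is_affected(product, version_text)
    fix = fixed_release(product, version_text)
    if not affected:
        advice = "not in an affected range listed by the advisory"
    elif fix:
        advice = f"upgrade to {product} {fix} or above"
    else:
        advice = "affected branch with no fixed release listed; move to a supported branch"
    if affected and not ssl_vpn_enabled:
        # Disabling SSL-VPN is the advisory's interim mitigation, not a fix.
        advice += " (SSL-VPN disabled: exposure reduced, upgrade still required)"
    return {"product": product, "version": version_text, "affected": affected,
            "fixed_in": fix, "advice": advice}


if __name__ == "__main__":
    # Constructed sample inventory; not real devices.
    inventory = [("FortiOS", "7.0.11", True), ("FortiOS", "7.2.5", True),
                 ("FortiOS-6K7K", "6.4.9", True), ("FortiProxy", "1.2.7", False)]
    for product, version, vpn in inventory:
        r = assess(product, version, vpn)
        print(f"{product:13} {version:8} affected={r['affected']!s:5} {r['advice']}")
```

Run it as a script to print a verdict per device, or import `assess()` and feed it the output of your own inventory export. Note that the checker only knows the ranges this advisory lists: a version from a branch not mentioned here (for example an end-of-life FortiOS 5.x build) is reported as "not in an affected range", which is not the same as "safe".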
If you cannot upgrade immediately, CERT NZ recommends disabling SSL-VPN as an interim mitigation until the upgrade is applied.
Further details can be found here:
Official information released by Fortinet will be available here:
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.