September 29, 2023

Fortinet has released patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls.

An attacker can exploit the vulnerability to achieve remote code execution on vulnerable network equipment. The issue is reachable pre-authentication that impacts every SSL VPN appliance

The flaw is not disclosed publicly and scheduled to be public on June 13, 2023. The vulnerability has been patched in versions 6.2.15, 6.4.13, 7.0.12, and 7.2.5.

Below is the statement shared by the vendor with media outlets:

Timely and ongoing communications with our customers are key component in our efforts to best protect and secure their organization. There are instances where confidential advance customer communications can include early warning on Advisories to enable customers to further strengthen their security posture prior to the advisory being publicly released to a broader audience. This process follows best practices for responsible disclosure to ensure our customers have the timely information they need to help them make informed risk-based decisions.

Fortinet Statement

For more on Fortinet’s responsible disclosure process, visit the Fortinet Product Security Incident Response Team (PSIRT) page: https://www.fortiguard.com/psirt_policy.”

Tags:

1 thought on “Fortinet Patches Critical Auth Vulnerability

  1. Pingback: Unpatched Fortinet Firewalls are at Risk of Exploitation

Leave a Reply

You may have missed

Google fixes fifth Zeroday bug in Chrome

September 28, 2023

OpenSea NFT suffers a Breach

September 28, 2023

WordPress Simple Membership Plugin Vulnerabilities

September 28, 2023

Jetbrains TeamCity RCE Vulnerability

September 27, 2023

Heap Buffer Overflow Bug in libwebp Library -CVE-2023-5129

September 27, 2023 2

Symantec Collaborates with Google Cloud Security AI

September 27, 2023 2
%d bloggers like this: