logo
Home/CVEs/CVE-2023-27997/

CVE-2023-27997 - Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

Project:Fortinet

Product:FortiOS and FortiProxy SSL-VPN

Date Added:2023-06-13Due Date:2023-07-04

Vulnerability Name

Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

Description

Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes

https://www.fortiguard.com/psirt/FG-IR-23-097

https://nvd.nist.gov/vuln/detail/CVE-2023-27997

Related News Articles

Chinese APT Group Is Ransacking Japan's SecretsJanuary 10, 2025

MirrorFace hackers targeting Japanese govt, politicians since 2019January 10, 2025

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active AttacksNovember 26, 2024

Fortinet warns of new critical FortiManager flaw used in zero-day attacksOctober 23, 2024

Google: 70% of exploited flaws disclosed in 2023 were zero-daysOctober 17, 2024