logo

CVE-2023-27997 - Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

CVE-2023-27997

Fortinet | FortiOS and FortiProxy SSL-VPN

  • Date Added:
  • 2023-06-13
  • Due Date:
  • 2023-07-04
Vulnerability Name

Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

Description

Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes
https://www.fortiguard.com/psirt/FG-IR-23-097; https://nvd.nist.gov/vuln/detail/CVE-2023-27997
Related News Articles

Free security scan for your website