Fortinet has released a patch to address a critical security flaw in the FortiGate firewall that could be abused by threat actors to achieve remote code execution.
The vulnerability, tracked as CVE-2023-27997, is “reachable pre-authentication, on any SSL VPN device,” Lexfo Security researcher Charles Fol, who discovered and reported the flaw, said in a tweet over the weekend.
Details about the security flaw are currently being withheld and Fortinet has yet to release an advisory, although the network security firm is expected to publish more details in the coming days.
French cybersecurity firm Olympe Cyberdefense, in an independent warning, said the issue has been patched in FortiOS versions 6.2.15, 6.4.13, 7.0.12, and 7.2.5.
“The flaw would allow a hostile agent to interfere through the VPN, even if MFA is enabled,” the company said.
With Fortinet vulnerabilities having emerged as tempting attack vectors for threat actors in recent years, users are strongly recommended to apply the fixes as soon as possible to mitigate potential risks.
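As a defender-side aid for the patching recommendation above, here is an added example (not code from the article, Fortinet, or Olympe Cyberdefense) that checks FortiOS version strings against the four fixed versions the article names. It assumes version strings of the form `major.minor.patch` (optionally prefixed with `v` or followed by a `,buildNNNN` suffix), that any later patch level within a listed branch also carries the fix, and that a branch the article does not list should be reported as unknown rather than assumed safe. The inventory lines are constructed sample data.

```python
from typing import Dict, List, Tuple

# First fixed patch level per FortiOS branch, as listed in the article.
# Branch (major, minor) -> (major, minor, patch) of the first fixed release.
FIXED_VERSIONS: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (6, 2): (6, 2, 15),
    (6, 4): (6, 4, 13),
    (7, 0): (7, 0, 12),
    (7, 2): (7, 2, 5),
}


def parse_fortios_version(text: str) -> Tuple[int, int, int]:
    """Parse 'v7.0.11', '7.0.11' or '7.0.11,build0489' into (major, minor, patch).

    Assumption: the version core is always three dot-separated integers.
    """
    core = text.strip().lstrip("vV").split(",")[0].split(" ")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiOS version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def assess(version: str) -> str:
    """Classify one version as 'patched', 'vulnerable' or 'unknown-branch'.

    'unknown-branch' means the article lists no fixed release for that branch;
    such devices must be checked against Fortinet's own advisory, not ignored.
    """
    major, minor, patch = parse_fortios_version(version)
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        return "unknown-branch"
    # Tuple comparison gives a correct numeric ordering across patch levels.
    return "patched" if (major, minor, patch) >= fixed else "vulnerable"


def triage(inventory_lines: List[str]) -> Dict[str, List[str]]:
    """Group hostnames from 'hostname,version' lines by assessment result."""
    result: Dict[str, List[str]] = {"patched": [], "vulnerable": [], "unknown-branch": []}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        hostname, version = (field.strip() for field in line.split(",", 1))
        result[assess(version)].append(hostname)
    return result


# Constructed sample inventory (hypothetical hostnames and versions).
SAMPLE_INVENTORY = [
    "# hostname,fortios_version",
    "fw-edge-01,7.0.11",
    "fw-edge-02,v7.2.5",
    "fw-dc-01,6.4.12,build2060",
    "fw-dc-02,6.2.15",
    "fw-lab-01,5.6.14",
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:15s} {', '.join(hosts) or '-'}")
```

Running the block on the constructed inventory reports `fw-edge-01` and `fw-dc-01` as still vulnerable, `fw-edge-02` and `fw-dc-02` as patched, and `fw-lab-01` as an unknown branch that needs a manual check against Fortinet's advisory once it is published.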
This development comes as Cisco and VMware released updates to address severe vulnerabilities affecting the Expressway Series and TelePresence Video Communication Server (VCS) on Cisco's side and Aria Operations for Networks on VMware's, which could lead to privilege escalation and code execution.
Fortinet shared the following statement with The Hacker News following publication of the story –
Timely and ongoing communication with our customers is a key component in our efforts to best protect and secure their organizations. There are instances where follow-up customer communications that are confidential may include an early warning to an Advisory to allow the customer to further strengthen their security posture, before the Advisory is released publicly to a wider audience. This process follows best practices for responsible disclosure to ensure our customers have the timely information they need to help them make informed risk-based decisions. For more information about Fortinet’s responsible disclosure process, visit the Fortinet Product Security Incident Response Team (PSIRT) page: https://www.fortiguard.com/psirt_policy.