330,000 FortiGate Firewall Still Unpatched to CVE-2023-27997 RCE Flaw


July 04, 2023Ravie LakshmananNetwork Security/Exploits

Exploits the FortiGate Firewall

No less than 330000 FortiGate firewalls remain unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that has been actively exploited in the wild.

Cybersecurity company Bishop Fox, at a report published last week, said that of the nearly 490,000 Fortinet SSL-VPN interfaces exposed on the internet, about 69 percent remain unpatched.

CVE-2023-27997 (CVSS score: 9.8), also called XORtigate, is a critical vulnerability impacting Fortinet FortiOS and FortiProxy SSL-VPN devices that could allow a remote attacker to execute arbitrary code or commands via specially crafted requests.

The patch was released by Fortinet last month in versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5, although the company acknowledged that the flaw may have been “exploited in a number of cases” in attacks targeting the government sector, manufacturing, and critical infrastructure.

Exploits the FortiGate Firewall

Bishop Fox’s subsequent analysis found that 153,414 of the devices found had been updated to the patched version of FortiOS.

Another important finding is that many publicly accessible Fortinet devices have not received any updates over the past eight years, with installations running FortiOS versions 5 and 6.

Given that security vulnerabilities in Fortinet devices have become lucrative attack vectors, it is imperative that users update to the latest version as soon as possible.

Found this article interesting? Follow us on Twitter And LinkedIn to read more exclusive content we post.


Source link

Related Articles

Back to top button