CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2023-27997

CVSS 9.8v3.1pub. 2023-06-13upd. 2025-10-24

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortigate 6000

    HW
    Fortinet
    wszystkie wersje
  • Fortinet Fortigate 7000

    HW
    Fortinet
    wszystkie wersje
  • Fortinet FortiOS

    OS
    Fortinet
    6.0.106.2.46.2.66.2.76.4.106.4.126.4.26.4.66.4.87.0.107.0.56.4.0 – 6.4.127.0.0 – 7.0.116.2.0 – 6.2.137.2.0 – 7.2.4+ 3 więcej
  • Fortinet Fortiproxy

    APP
    Fortinet
    1.2.0 – 1.2.137.2.0 – 7.2.31.1.0 – 1.1.62.0.0 – 2.0.127.0.0 – 7.0.9

CISA KEV — detailsi

Vendori
Fortinet
Producti
FortiOS and FortiProxy SSL-VPN
Added to KEVi
June 13, 2023
Remediation deadline (US Federal)i
July 4, 2023(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 4 lipca 2023
Tags
RCEMemoryFirewallVPN
CWE
References

Related vulnerabilities

CVE-2026-24858CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach

CVE-2025-59718CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Fortinet FortiOS/FortiProxy/FortiSwitchManager — Auth Bypass przez SAML

CVE-2024-55591CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Authentication Bypass w FortiOS i FortiProxy — przejęcie uprawnień super-admin

CVE-2024-23113CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Krytyczna podatność format string RCE w Fortinet FortiOS, FortiProxy i FortiSwitchManager

CVE-2024-21762CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Out-of-bounds write w Fortinet FortiOS i FortiProxy — RCE bez uwierzytelnienia