- Vulnerability/
- CVE-2023-27997
12/6/2023
13/6/2023
13/6/2023
10/3/2025
CVE-2023-27997: Heap buffer overflow in sslvpn pre-authentication
First published: Mon Jun 12 2023(Updated: )
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. ## Workaround: Disable SSL-VPN.
Credit: psirt@fortinet.com psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiOS | ||
| Fortinet FortiProxy SSL VPN webmode | >=1.1.0<=1.1.6 | |
| Fortinet FortiProxy SSL VPN webmode | >=1.2.0<=1.2.13 | |
| Fortinet FortiProxy SSL VPN webmode | >=2.0.0<=2.0.12 | |
| Fortinet FortiProxy SSL VPN webmode | >=7.0.0<=7.0.9 | |
| Fortinet FortiProxy SSL VPN webmode | >=7.2.0<=7.2.3 | |
| FortiOS | >=6.0.0<=6.0.16 | |
| FortiOS | >=6.2.0<=6.2.13 | |
| FortiOS | >=6.4.0<=6.4.12 | |
| FortiOS | >=7.0.0<=7.0.11 | |
| FortiOS | >=7.2.0<=7.2.4 | |
| All of | ||
| Any of | ||
| FortiOS | >=6.0.12<=6.0.16 | |
| FortiOS | >=6.2.9<=6.2.13 | |
| FortiOS | =6.0.10 | |
| FortiOS | =6.2.4 | |
| FortiOS | =6.2.6 | |
| FortiOS | =6.2.7 | |
| FortiOS | =6.4.2 | |
| FortiOS | =6.4.6 | |
| FortiOS | =6.4.8 | |
| FortiOS | =6.4.10 | |
| FortiOS | =6.4.12 | |
| FortiOS | =7.0.5 | |
| FortiOS | =7.0.10 | |
| Any of | ||
| Fortinet Fortigate | ||
| Fortinet Fortigate | ||
| Fortinet FortiOS | >=6.2.10<=6.2.13 | |
| Fortinet FortiOS | =6.0.10 | |
| Fortinet FortiOS | =6.0.12 | |
| Fortinet FortiOS | =6.0.13 | |
| Fortinet FortiOS | =6.0.14 | |
| Fortinet FortiOS | =6.0.15 | |
| Fortinet FortiOS | =6.0.16 | |
| Fortinet FortiOS | =6.2.4 | |
| Fortinet FortiOS | =6.2.6 | |
| Fortinet FortiOS | =6.2.7 | |
| Fortinet FortiOS | =6.2.9 | |
| Fortinet FortiOS | =6.4.2 | |
| Fortinet FortiOS | =6.4.6 | |
| Fortinet FortiOS | =6.4.8 | |
| Fortinet FortiOS | =6.4.10 | |
| Fortinet FortiOS | =6.4.12 | |
| Fortinet FortiOS | =7.0.5 | |
| Fortinet FortiOS | =7.0.10 |
Remedy
Please upgrade to FortiOS-6K7K version 7.0.12 or above Please upgrade to FortiOS-6K7K version 6.4.13 or above Please upgrade to FortiOS-6K7K version 6.2.15 or above Please upgrade to FortiOS-6K7K version 6.0.17 or above Please upgrade to FortiProxy version 7.2.4 or above Please upgrade to FortiProxy version 7.0.10 or above Please upgrade to FortiOS version 7.4.0 or above Please upgrade to FortiOS version 7.2.5 or above Please upgrade to FortiOS version 7.0.12 or above Please upgrade to FortiOS version 6.4.13 or above Please upgrade to FortiOS version 6.2.14 or above Please upgrade to FortiOS version 6.0.17 or above
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/new-fortinet-rce-bug-is-actively-exploited-cisa-confirms/
- https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-bug-in-endpoint-management-software/
- https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
- https://www.fortiguard.com/psirt/cvrf/FG-IR-23-097
- https://www.fortiguard.com/psirt/FG-IR-23-097
- https://www.bleepingcomputer.com/news/security/exploit-released-for-maximum-severity-fortinet-rce-bug-patch-now/
- https://fortiguard.com/psirt/FG-IR-23-097
- https://www.bleepingcomputer.com/news/security/google-70-percent-of-exploited-flaws-disclosed-in-2023-were-zero-days/
- https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-critical-fortimanager-flaw-used-in-zero-day-attacks/
- https://www.fortiguard.com/psirt/FG-IR-23-097;
- https://nvd.nist.gov/vuln/detail/CVE-2023-27997
- https://www.theregister.com/2024/12/31/china_cyber_intrusions_2024/
- https://www.bleepingcomputer.com/news/security/mirrorface-hackers-targeting-japanese-govt-politicians-since-2019/
- https://www.darkreading.com/cyberattacks-data-breaches/chinese-apt-group-ransacking-japans-secrets
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- agent/type
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-21762
- alias/CVE-2024-23108
- alias/CVE-2024-23109
- alias/CVE-2023-34992
- alias/CVE-2022-42475
- alias/CVE-2023-27997
- agent/severity
- agent/first-publish-date
- alias/CVE-2023-48788
- alias/CVE-2023-42789
- alias/CVE-2023-36554
- alias/CVE-2023-47534
- collector/the-register
- source/The Register
- alias/CVE-2022-40684
- zeroday/true
- agent/news-ai
- agent/title
- collector/fortiguard-psirt
- source/FortiGuard
- agent/description
- alias/FG-IR-23-130
- agent/author
- agent/weakness
- agent/remedy
- alias/CVE-2023-28121
- collector/mitre-cve
- source/MITRE
- alias/CVE-2024-47575
- alias/FG-IR-24-423
- alias/CVE-2021-27860
- alias/CVE-2021-40539
- alias/CVE-2024-39717
- alias/CVE-2023-28461
- alias/CVE-2023-3519
- collector/darkreading
- source/Dark Reading
- agent/references
- agent/trending
- agent/source
- agent/last-modified-date
- agent/event
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- collector/nvd-index
- vendor/fortinet
- canonical/fortinet fortios
- canonical/fortinet fortiproxy ssl vpn webmode
- version/fortinet fortiproxy ssl vpn webmode/1.1.0
- version/fortinet fortiproxy ssl vpn webmode/1.1.6
- version/fortinet fortiproxy ssl vpn webmode/1.2.0
- version/fortinet fortiproxy ssl vpn webmode/1.2.13
- version/fortinet fortiproxy ssl vpn webmode/2.0.0
- version/fortinet fortiproxy ssl vpn webmode/2.0.12
- version/fortinet fortiproxy ssl vpn webmode/7.0.0
- version/fortinet fortiproxy ssl vpn webmode/7.0.9
- version/fortinet fortiproxy ssl vpn webmode/7.2.0
- version/fortinet fortiproxy ssl vpn webmode/7.2.3
- canonical/fortios
- version/fortios/6.0.0
- version/fortios/6.0.16
- version/fortios/6.2.0
- version/fortios/6.2.13
- version/fortios/6.4.0
- version/fortios/6.4.12
- version/fortios/7.0.0
- version/fortios/7.0.11
- version/fortios/7.2.0
- version/fortios/7.2.4
- version/fortios/6.0.12
- version/fortios/6.2.9
- version/fortios/6.0.10
- version/fortios/6.2.4
- version/fortios/6.2.6
- version/fortios/6.2.7
- version/fortios/6.4.2
- version/fortios/6.4.6
- version/fortios/6.4.8
- version/fortios/6.4.10
- version/fortios/7.0.5
- version/fortios/7.0.10
- canonical/fortinet fortigate
- version/fortinet fortios/6.2.10
- version/fortinet fortios/6.2.13
- version/fortinet fortios/6.0.10
- version/fortinet fortios/6.0.12
- version/fortinet fortios/6.0.13
- version/fortinet fortios/6.0.14
- version/fortinet fortios/6.0.15
- version/fortinet fortios/6.0.16
- version/fortinet fortios/6.2.4
- version/fortinet fortios/6.2.6
- version/fortinet fortios/6.2.7
- version/fortinet fortios/6.2.9
- version/fortinet fortios/6.4.2
- version/fortinet fortios/6.4.6
- version/fortinet fortios/6.4.8
- version/fortinet fortios/6.4.10
- version/fortinet fortios/6.4.12
- version/fortinet fortios/7.0.5
- version/fortinet fortios/7.0.10