First published: Tue Oct 10 2023(Updated: )
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.
Credit: psirt@fortinet.com psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet Fortios Ips Engine | <=7.312 | |
Fortinet FortiOS | >=7.2.0<7.2.4 | |
Fortinet Fortios Ips Engine | <=7.165 | |
Fortinet FortiOS | >=7.0.0<7.0.12 | |
Fortinet Fortios Ips Engine | <=6.158 | |
Fortinet FortiOS | >=6.4.0<6.4.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-40718 is a vulnerability in Fortinet IPS Engine versions 7.321, 7.166, and 6.158 that allows attackers to evade IPS features through crafted TCP packets.
An attacker can exploit CVE-2023-40718 by sending specially crafted TCP packets to evade IPS features.
Fortinet IPS Engine versions 7.321, 7.166, and 6.158 are affected by CVE-2023-40718.
CVE-2023-40718 has a severity rating of 7.5 (High).
More information about CVE-2023-40718 can be found at https://fortiguard.com/psirt/FG-IR-23-090.