Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution.
The vulnerability, tracked as CVE-2023-27997, is “reachable pre-authentication, on every SSL VPN appliance,” Lexfo Security researcher Charles Fol, who discovered and reported the flaw, said in a tweet over the weekend.
Details about the security flaw are currently withheld and Fortinet is yet to release an advisory, although the network security company is expected to release more details in the coming days.
French cybersecurity company Olympe Cyberdefense, in an independent alert, said the issue has been patched in versions 6.2.15, 6.4.13, 7.0.12, and 7.2.5.
“The flaw would allow a hostile agent to interfere via the VPN, even if the MFA is activated,” the firm noted.
With Fortinet flaws emerging as a lucrative attack vector for threat actors in recent years, it’s highly recommended that users move quickly to apply the fixes as soon as possible to mitigate potential risks.
The Hacker News has reached out to Fortinet for further information, and we will update the story if we hear back.
The development comes as Cisco and VMware released updates to address severe vulnerabilities affecting Expressway Series and TelePresence Video Communication Server (VCS) and Aria Operations for Networks, respectively, that could lead to privilege escalation and code execution.