1 min

Tags in this article

, ,

Security researchers warn that hundreds of thousands of Fortinet firewalls are vulnerable to cyber attacks. The firewalls have not yet been patched after a critical vulnerability was discovered in June.

According to Bishop Fox, 490,000 affected devices are open to the Internet, some 69% of which have not yet been patched. Fortinet has already released a patch to address the CVE-2023-27997 vulnerability, however.

Heap overflow

The vulnerability is in the operating system, FortiOS. The vulnerability is ranked as very critical and causes a “heap overflow”. This allows hackers to perform a remote code execution attack and run arbitrary code on affected systems. This enables contact with a C&C server, after which a downloaded binary opens an interactive shell on the affected device.

The CVE-2023-27997 vulnerability primarily targets the secure sockets layer virtual private network interfaces in the affected devices. This is not the first time the SSL-VPN layer in FortiOS has suffered from a vulnerability. Late last year, this feature was also hit by a vulnerability.

The experts at Bishop Fox are calling for the published patch to be implemented as soon as possible.

Read more: Fortinet expands as-a-service model FortiFlex