1 min Security

Researchers warn of critical vulnerability in Fortinet firewalls

Researchers warn of critical vulnerability in Fortinet firewalls

Security researchers warn that hundreds of thousands of Fortinet firewalls are vulnerable to cyber attacks. The firewalls have not yet been patched after a critical vulnerability was discovered in June.

According to Bishop Fox, 490,000 affected devices are open to the Internet, some 69% of which have not yet been patched. Fortinet has already released a patch to address the CVE-2023-27997 vulnerability, however.

Heap overflow

The vulnerability is in the operating system, FortiOS. The vulnerability is ranked as very critical and causes a “heap overflow”. This allows hackers to perform a remote code execution attack and run arbitrary code on affected systems. This enables contact with a C&C server, after which a downloaded binary opens an interactive shell on the affected device.

The CVE-2023-27997 vulnerability primarily targets the secure sockets layer virtual private network interfaces in the affected devices. This is not the first time the SSL-VPN layer in FortiOS has suffered from a vulnerability. Late last year, this feature was also hit by a vulnerability.

The experts at Bishop Fox are calling for the published patch to be implemented as soon as possible.

Read more: Fortinet expands as-a-service model FortiFlex