Security News > 2023 > June > Fortinet squashes hijack-my-VPN bug in FortiOS gear

Fortinet squashes hijack-my-VPN bug in FortiOS gear
2023-06-12 21:06

Fortinet has patched a critical bug in its FortiOS and FortiProxy SSL-VPN that can be exploited to hijack the equipment.

Fortinet has warned the bug looks to have been exploited in the wild already.

"This is reachable pre-authentication, on every SSL VPN appliance," Fol tweeted, adding that Fortinet has released multiple updates for FortiOS and FortiProxy to close the SSL-VPN hole.

In the meantime, there's a write-up here on Fortinet's website regarding CVE-2023-27997 that you should check out if you use any affected FortiOS gear.

Fortinet disclosed an SSL-VPN flaw in December, for what it's worth, and at the time said it was aware of "An instance" where the bug had been exploited.

Details emerged of suspected Chinese spies making use of another critical Fortinet bug, and also using custom networking malware to steal credentials and maintain network access.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/12/fortinet_fixes_critical_rce_bug/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-06-13 CVE-2023-27997 Out-of-bounds Write vulnerability in Fortinet Fortios and Fortiproxy
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
network
low complexity
fortinet CWE-787
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 77 15 314 277 81 687