Jun 13

Critical FortiOS & FortiProxy – Heap buffer overflow Vulnerability

Critical FortiOS – FG-IR-23-097: Fortinet released security updates to address a heap-based buffer overflow vulnerability [CVE-2023-27997] in FortiOS. An attacker could exploit this vulnerability to take control of an affected system. Hackers are actively exploiting the latest Fortinet’s FortiOS and FortiProxy flaw, targeting government, manufacturing, and critical infrastructure sectors. Take immediate action and update to the latest firmware now!

 

Yesterday, Fortinet published a CVSS Critical PSIRT Advisory (FG-IR-23-097 / CVE-2023-27997) along with several other SSL-VPN related fixes. This blog adds context to that advisory, providing Forti customers with additional details to help them make informed, risk-based decisions, and provides their perspective relative to recent events involving malicious actor activity.

The highest severity issue fixed in this release is CRITICAL.

This vulnerability has a CVSS higher than 9. It’s already patched in the latest versions of FortiOS. Still, it’s not mentioned in their release notes. And the related PSIRT advisory from FortiGuardLabs is now publicly accessible. Fortinet is not aware of any instance where this vulnerability was exploited in the wild.

 

IR Number: FG-IR-23-097
Date: June 12, 2023
CVSSv3 Score: 9.2
Impact: Execute unauthorized code or commands
CVE ID: CVE-2023-27997

Recommended Actions:

In addition to monitoring Security Advisories and the immediate patching of systems, Fortinet strongly recommends the following:

  • Review your systems for evidence of exploit of previous vulnerabilities: FG-IR-22-377 / CVE-2022-40684,
  • Maintain good cyber hygiene and follow vendor patching recommendations,
  • Follow hardening recommendations: FortiOS 7.2.0 Hardening Guide,
  • Minimize the attack surface by disabling unused features and managing devices via an out-of-band method wherever possible.

 

Affected Products:
At least
FortiOS-6K7K version 7.0.10
FortiOS-6K7K version 7.0.5
FortiOS-6K7K version 6.4.12
FortiOS-6K7K version 6.4.10
FortiOS-6K7K version 6.4.8
FortiOS-6K7K version 6.4.6
FortiOS-6K7K version 6.4.2
FortiOS-6K7K version 6.2.9 through 6.2.13
FortiOS-6K7K version 6.2.6 through 6.2.7
FortiOS-6K7K version 6.2.4
FortiOS-6K7K version 6.0.12 through 6.0.16
FortiOS-6K7K version 6.0.10
At least
FortiProxy version 7.2.0 through 7.2.3
FortiProxy version 7.0.0 through 7.0.9
FortiProxy version 2.0.0 through 2.0.12
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions
At least
FortiOS version 7.2.0 through 7.2.4
FortiOS version 7.0.0 through 7.0.11
FortiOS version 6.4.0 through 6.4.12
FortiOS version 6.2.0 through 6.2.13
FortiOS version 6.0.0 through 6.0.16

Solution:

  • Please upgrade to FortiOS-6K7K version 7.0.12 or above,
  • Please upgrade to FortiOS-6K7K version 6.4.13 or above,
  • Please upgrade to FortiOS-6K7K version 6.2.15 or above,
  • Please upgrade to FortiOS-6K7K version 6.0.17 or above,
  • Please upgrade to FortiProxy version 7.2.4 or above,
  • Please upgrade to FortiProxy version 7.0.10 or above,
  • Please upgrade to FortiOS version 7.4.0 or above,
  • Please upgrade to FortiOS version 7.2.5 or above,
  • Please upgrade to FortiOS version 7.0.12 or above,
  • Please upgrade to FortiOS version 6.4.13 or above,
  • Please upgrade to FortiOS version 6.2.14 or above,
  • Please upgrade to FortiOS version 6.0.17 or above,

 

All users of Fortigate should use this time to inventory instances of Fortigate and prepare for immediate patching (patchs are already availables). We recommend that you begin identifying your vulnerable systems now and prepare to patch (schedule a Task Force especially) soon as possible.

Source: https://www.fortiguard.com/psirt/FG-IR-23-097

Organizations, users, get ready! We’ll keep you updated.

 
 

Critical FortiOS and FortiProxy Vulnerability – FG-IR-23-001: Blog PostImportant Vulnerability in VMware ESXi: Blog Post
The core function of a SOC: Blog Post
Play ransomware infection routine: Blog Post
Identify a piece of malware with Yara: Blog Post
New Veeam v12 Platform Overview: Blog Post
OpenSSL patch (v3.0.7) for Vulnerability 2022: Blog Post
Building a SOC: Blog Post
List of vendors and software affected by the OpenSSL vulnerability: Blog Post
Critical OpenSSL Vulnerability version 3.0: Blog Post
Veeam v12 Linux Without SSH And SUDO: Blog PostHardened Repository in Veeam v12: Blog Post
Wasabi Object Storage Usage with Veeam B&R v12: Blog Post
VeeaMover in v12: Blog Post
Ransomware & Cybersecurity with Veeam v12: Blog Post
Why backup directly to Object Storage? Blog Post
Veeam B&R v12 New Features Overview: Blog Post
[REPLAY] Webinar Veeam v12 and Wasabi: Replay
Protect your data with Veeam and Wasabi: Blog post
Wasabi – Object Lock feature spotlight: Blog post
Veeam and the S3-compatible object storage solutions: Blog Post
[PODCAST] VeeamUser Group France #1: Record
Conti initiates their attacks on Backup: Blog Post
Backup with Trusted Repository Storage: Blog Post.
Protect your Backup against Ransomware: Blog Post

Please follow and like us:
fb-share-icon
Tweet

Christopher GLEMOT

CTO | Technical specialist around Data Management, Security, Cyber Security, Cyber Resilience, Backup, Disaster Recovery, Multi-Cloud, and Storage | Veeam Vanguard | Varonis Elite | Owner of original-network.com

Advertisement
error

Enjoy this blog? Please spread the word :)