Fortinet Issues Patch for Critical FortiGate SSL VPN Vulnerability

Reading time icon 2 min. read


Readers help support VPNCentral. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help VPNCentral effortlessly and without spending any money. Read more

fortinet issues patch for critical fortigate ssl vpn vulnerability

Fortinet has addressed a major FortiGate SSL VPN vulnerability that could have allowed an attacker to achieve remote code execution.

The issue tracked as CVE-2023-27997, was reachable pre-authentication on every SSL VPN device.

The FortiGate SSL VPN vulnerability patch

On Friday, Fortinet released its latest firmware patch. It fixed a previously undisclosed major issue that could have been exploited in attacks.

The CVE-2023-27997 vulnerability would have allowed a hostile agent to interfere via the VPN, even bypassing multi-factor authentication in the process.

The new patch affected the 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5 versions of the FortiOS firmware.

Security professionals and admins initially only subtly hinted at the critical flaw.

Researcher Charles Fol and DDXhunter from Lexfo Security first reported FortiGate SSL VPN vulnerability to Fortinet.

They suggested the company acts urgently, as threat actors would be likely to analyze and discover the vulnerability.

Fortinet has a habit of releasing updates before disclosing such problems. This leaves less time for threat actors to reverse-engineer the patches.

Cybersecurity experts have said that this is not unusual for companies to release such patches before admitting that the vulnerability existed.

They said that although researchers were able to create a proof of concept, it doesn’t mean cybercriminals have already weaponized it.

The company finally discussed the issue in a blog post on June 12.

It suggested that a limited number of devices may have been compromised. It also said that it’s working with the affected customers to resolve the problem.

Fortinet also urged customers to apply upgrades or follow other workarounds to mitigate the vulnerability.

In the statement, it said that threat actors may have used the flaw against government, manufacturing, and critical infrastructure.

Previously, cybercriminals used problems such as the FortiGate SSL VPN vulnerability to commit data theft and ransomware attacks.