TT-CSIRT-418.12.6.23: Fortinet Fortigate SSL-VPN Vulnerability

TT-CSIRT-418.12.6.23: Fortinet Fortigate SSL-VPN Vulnerability

A critical Remote Code Execution vulnerability (CVE-2023-27997) has been identified in multiple versions of Fortinet Fortigate devices when SSL-VPN is enabled.

Exploitation of this critical vulnerability could allow a malicious actor to gain remote code execution rights on the affected system, and perform unauthorized actions.

TT-CSIRT encourages administrators to review the following release from the Australian Cyber Security Center (ACSC) and take the necessary actions immediately: https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/critical-severity-vulnerability-fortinet-fortigate-ssl-vpn-devices

Additional Material: https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-rce-flaw-in-fortigate-ssl-vpn-devices-patch-now/