Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls - Patch Now!
12.6.23  Vulnerebility  The Hacker News
Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution.

The vulnerability, tracked as CVE-2023-27997, is "reachable pre-authentication, on every SSL VPN appliance," Lexfo Security researcher Charles Fol, who discovered and reported the flaw, said in a tweet over the weekend.

Details about the security flaw are currently withheld and Fortinet is yet to release an advisory, although the network security company is expected to publish more details in the coming days.

French cybersecurity company Olympe Cyberdefense, in an independent alert, said the issue has been patched in versions 6.2.15, 6.4.13, 7.0.12, and 7.2.5.

"The flaw would allow a hostile agent to interfere via the VPN, even if the MFA is activated," the firm noted.

With Fortinet flaws emerging as a lucrative attack vector for threat actors in recent years, it's highly recommended that users move quickly to apply the fixes as soon as possible to mitigate potential risks.

The development comes as Cisco and VMware released updates to address severe vulnerabilities affecting Expressway Series and TelePresence Video Communication Server (VCS) and Aria Operations for Networks, respectively, that could lead to privilege escalation and code execution.

Update#
Fortinet shared the following statement with The Hacker News after the publication of the story -

Timely and ongoing communications with our customers is a key component in our efforts to best protect and secure their organization. There are instances where confidential advance customer communications can include early warning on Advisories to enable customers to further strengthen their security posture, prior to the Advisory being publicly released to a broader audience. This process follows best practices for responsible disclosure to ensure our customers have the timely information they need to help them make informed risk-based decisions. For more on Fortinet's responsible disclosure process, visit the Fortinet Product Security Incident Response Team (PSIRT) page: https://www.fortiguard.com/psirt_policy.