Fortinet Patches Critical FortiGate Firewall Flaw for Remote Code Execution

Fortinet Patches Critical FortiGate Firewall Flaw for Remote Code Execution

h1: Fortinet patches critical security flaw in FortiGate firewalls

h2: The Vulnerability

Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution. The vulnerability is tracked as CVE-2023-27997 and is “reachable pre-authentication, on every SSL VPN appliance.”

h2: Discoverer and Reporter

Lexfo Security researcher Charles Fol discovered and reported the flaw.

h2: Impact

This flaw could allow a hacker to execute remote code on the affected firewall without authentication, potentially leading to a full network compromise.

h2: The Fix

Fortinet has released patches for the vulnerability. The company’s advisory asserts that “there are no workarounds to mitigate this vulnerability.”

Summary:

Fortinet’s FortiGate firewalls have been subject to a critical security flaw that has the potential to allow hackers to remotely execute code, thereby compromising the entire network. The vulnerability, tracked as CVE-2023-27997, was discovered and reported by Lexfo Security researcher Charles Fol. The company has responded by releasing patches, indicating that there are no workarounds.Original Article: https://thehackernews.com/2023/06/critical-rce-flaw-discovered-in.html


0

Your Cart Is Empty

No products in the cart.