Please note the vulnerabilities in Fortinet products published in June. In particular, we would like to mention the vulnerability in FortiOS, which affects SSLVPN access and poses a major threat with a CVSSv3 score of 9.2.
Fortinet PSIRT: https://www.fortiguard.com/psirt/FG-IR-23-097
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27997
Affected are FortiOS versions 6.0 to 7.2. Fortinet has already published patches for all these versions.
FortiOS version 7.2.0 through 7.2.4 –> Immediately patch to 7.2.5
FortiOS version 7.0.0 through 7.0.11 –> Immediately patch to 7.0.12
FortiOS version 6.4.0 through 6.4.12 –> Immediately patch to 6.4.13
FortiOS version 6.2.0 through 6.2.13 –> Immediately patch to 6.2.14
FortiOS version 6.0.0 through 6.0.16 –> Immediately patch to 6.0.17
FortiOS 7.4 is not affected.
If you want to be informed about new Fortinet versions, use our automatic newsletter.
Subscribe to the newsletter here.