No less than 330,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997. CVE-2023-27997 is a critical security flaw affecting Fortinet devices that has been exploited in the wild.
Cybersecurity firm Bishop Fox said in a report released last week that about 69 percent of the approximately 490,000 Fortinet SSL-VPN interfaces exposed on the internet remain unpatched. rice field.
CVE-2023-27997 (CVSS score: 9.8), also known as XORtigate, is a critical vulnerability affecting Fortinet’s FortiOS and FortiProxy SSL-VPN appliances that allows remote attackers to perform arbitrary attacks via specially crafted requests. may be able to execute code or commands in
Fortinet released patches for versions 6.0.17, 6.2.15, 6.4.13, 7.0.12 and 7.2.5 last month, but the company said the flaw could have been “exploited in limited cases.” I admit there is. Attacks targeting government, manufacturing, and critical infrastructure sectors.
Bishop Fox’s analysis further revealed that 153,414 of the discovered appliances had been updated to patched FortiOS versions.
Another key finding was that many publicly accessible Fortinet devices had not received an update in the last eight years, and the installed devices were running FortiOS versions 5 and 6.
Given the benefits of security flaws in Fortinet devices as an attack vector, it is imperative that users act quickly to update to the latest version as soon as possible.
