www.helpnetsecurity.com
Open in
urlscan Pro
52.10.66.75
Public Scan
URL:
https://www.helpnetsecurity.com/2023/06/11/cve-2023-27997/
Submission: On June 12 via api from TR — Scanned from DE
Submission: On June 12 via api from TR — Scanned from DE
Form analysis 1 forms found in the DOM
POST
<form id="mc4wp-form-1" class="mc4wp-form mc4wp-form-244483 mc4wp-ajax" method="post" data-id="244483" data-name="Footer newsletter form">
<div class="mc4wp-form-fields">
<div class="hns-newsletter">
<div class="hns-newsletter__top">
<div class="container">
<div class="hns-newsletter__wrapper">
<div class="hns-newsletter__title">
<i>
<svg class="hic">
<use xlink:href="#hic-plus"></use>
</svg>
</i>
<span>Cybersecurity news</span>
</div>
</div>
</div>
</div>
<div class="hns-newsletter__bottom">
<div class="container">
<div class="hns-newsletter__wrapper">
<div class="hns-newsletter__body">
<div class="row">
<div class="col">
<div class="form-check form-control-lg">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="520ac2f639" id="mcs1">
<label class="form-check-label text-nowrap" for="mcs1">Daily Newsletter</label>
</div>
</div>
<div class="col">
<div class="form-check form-control-lg">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="d2d471aafa" id="mcs2">
<label class="form-check-label text-nowrap" for="mcs2">Weekly Newsletter</label>
</div>
</div>
</div>
</div>
<div class="form-check form-control-lg mb-3">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="28abe5d9ef" id="mcs3">
<label class="form-check-label" for="mcs3">(IN)SECURE - monthly newsletter with top articles</label>
</div>
<div class="input-group mb-3">
<input type="email" name="email" id="email" class="form-control border-dark" placeholder="Please enter your e-mail address" aria-label="Please enter your e-mail address" aria-describedby="hns-newsletter-submit-btn" required="">
<button class="btn btn-dark rounded-0" type="submit" id="hns-newsletter-submit-btn">Subscribe</button>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="AGREE_TO_TERMS" value="1" id="mcs4" required="">
<label class="form-check-label" for="mcs4">
<span>I have read and agree to the <a href="https://www.helpnetsecurity.com/newsletter/" target="_blank" rel="noopener" class="d-inline-block">terms & conditions</a>
</span>
</label>
</div>
</div>
</div>
</div>
</div>
</div><label style="display: none !important;">Leave this field empty if you're human: <input type="text" name="_mc4wp_honeypot" value="" tabindex="-1" autocomplete="off"></label><input type="hidden" name="_mc4wp_timestamp"
value="1686535673"><input type="hidden" name="_mc4wp_form_id" value="244483"><input type="hidden" name="_mc4wp_form_element_id" value="mc4wp-form-1">
<div class="mc4wp-response"></div>
</form>Text Content
searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus * News * Features * Expert analysis * Videos * Reviews * Events * Whitepapers * Industry news * Product showcase * Newsletters * * * Zeljka Zorz, Editor-in-Chief, Help Net Security June 11, 2023 Share FORTINET PATCHES PRE-AUTH RCE, UPDATE YOUR FORTIGATE FIREWALLS ASAP! (CVE-2023-27997) Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls and other devices, without mentioning that they include a fix for CVE-2023-27997, a remote code execution (RCE) flaw that does not require the attacker to be logged in to exploit it. The vulnerability has been fixed in FortiOS versions 7.2.5, 7.0.12, 6.4.13, 6.2.15 and, apparently also in v6.0.17 (even though Fortinet officially stopped supporting the 6.0 branch last year). Enterprise admins are advised to upgrade Fortigate devices as soon as possible – if the vulnerability is not already being exploited by attackers, it’s likely that it will soon be. ABOUT CVE-2023-27997 The exact nature of the vulnerability is currently (publicly) unknown. According to Olympe Cyberdefense, Fortinet will be releasing more details on June 13, 2023 (Tuesday). They say that the vulnerability is critical, affects Fortigate firwall’s SSL VPN functionality, and may allow an attacker to “interfere via the VPN, even if MFA is activated.” Lexfo security researcher Charles Fol, who along with colleague Dany Bach reported the flaw, says that CVE-2023-27997 allows RCE, is “reachable pre-authentication, on every SSL VPN appliance,” and that they will be releasing more details at a later time. There is currently no mention of possible workarounds. PATCH QUICKLY! Unfortunately for enterprise defenders, threat actors can compare the newer versions of the OS with older ones to find what the patch does and, based on that information, develop a working exploit. Vulnerabilities affecting Fortigate firewalls have been a popular target in the past. Also, Fortinet has been known to push out critical fixes without mentioning vulnerabilities – whether actively exploited or not. Enterprise admins should therefore move fast and implement the patch as soon as possible. If the available update doesn’t show up in the device’s dashboard, rebooting it may make it show up. If not, manual download and installation is advised. More about * Fortinet * FortiOS * Lexfo * Olympe Cyberdefense * security update * vulnerability Share this FEATURED NEWS * Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) * Replace Barracuda ESG appliances, company urges * June 2023 Patch Tuesday forecast: Don’t forget about Apple Spin Up A CIS Hardened Image SPONSORED THE BEST DEFENSE AGAINST CYBER THREATS FOR LEAN SECURITY TEAMS WEBINAR: TIPS FROM MSSPS TO MSSPS – STARTING A VCISO PRACTICE SECURITY IN THE CLOUD WITH MORE AUTOMATION CISOS STRUGGLE WITH STRESS AND LIMITED RESOURCES DON'T MISS FORTINET PATCHES PRE-AUTH RCE, UPDATE YOUR FORTIGATE FIREWALLS ASAP! (CVE-2023-27997) REPLACE BARRACUDA ESG APPLIANCES, COMPANY URGES JUNE 2023 PATCH TUESDAY FORECAST: DON’T FORGET ABOUT APPLE INTRODUCING THE BOOK: CREATING A SMALL BUSINESS CYBERSECURITY PROGRAM, SECOND EDITION CL0P ANNOUNCES RULES FOR EXTORTION NEGOTIATION AFTER MOVEIT HACK Cybersecurity news Daily Newsletter Weekly Newsletter (IN)SECURE - monthly newsletter with top articles Subscribe I have read and agree to the terms & conditions Leave this field empty if you're human: © Copyright 1998-2023 by Help Net Security Read our privacy policy | About us | Advertise Follow us ×