In today’s SensCy Cyber Alert, your SensCy team recommends FortiGate Firewall users install the new security update immediately.
The vulnerability, tracked as CVE2023-27997, is described as a reachable pre-authentication, on every SSL VPN appliance, meaning a threat actor could exploit the vulnerability to achieve remote code execution.
While Fortinet hasn’t released an advisory regarding the vulnerability, some versions have already received a patch:
Fortinet and FortiGate vulnerabilities are known to be very lucrative attack vectors for threat actors. We highly recommend applying those patches as soon as possible to mitigate any potential risks.
If you have any questions, please contact your Cyber Advocate.