Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) on 11th June 2023 at 6:43 pm

Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls and other devices, without mentioning that they include a fix for CVE-2023-27997, a remote code execution (RCE) flaw that does not require the attacker to be logged in to exploit it. The vulnerability has been fixed in FortiOS versions 7.2.5, 7.0.12, 6.4.13, 6.2.15 and, apparently also in v6.0.17 (even though Fortinet officially stopped supporting the 6.0 branch last year). Enterprise admins are … More →

The post Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) appeared first on Help Net Security.

Read More