Fortinet patches critical flaw in Fortigate devices

Cybersecurity company Fortinet has issued patches for a previously undetected critical flaw in Fortigate firewalls.

The company said a remote code execution (RCE) flaw has been affected in multiple Fortigate devices with SSL-VPN enabled. Fortigate is a next-generation firewall device that, according to Fortinet, delivers “unparalleled AI-powered security performance and threat intelligence, along with full visibility and security and networking convergence.”

By abusing the flaw (CVE-2023-27997), threat actors could gain remote code execution rights on the affected system and perform unauthorized actions.

The patches were released last Friday for FortiOS firmware versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5.

All organizations are urged to apply the available patches immediately, as well as investigate networks for signs of compromise.

At the end of last year, Fortinet acknowledged that threat actors had been exploiting another critical bug (CVE-2022-40684) affecting FortiOS, FortiProxy, and FortiSwithManager.

In 2021, the company found itself under the spotlight as a threat actor allegedly scraped nearly 500,000 Fortinet VPN user credentials from unsecured devices and then shared them on a newly-launched hacker forum.