Official forum for Utopia Community
You are not logged in.
The critical security flaw CVE-2023-27997, which affects Fortinet devices and has been actively exploited in the wild, is still present in no less than 330000 FortiGate firewalls and leaves them open to attack.
According to a report released by the cybersecurity company Bishop Fox last week, out of the nearly 490,000 Fortinet SSL-VPN interfaces that are exposed online, about 69 percent are still unpatched.
In addition to being known as XORtigate, CVE-2023-27997 (CVSS score: 9.8) affects Fortinet FortiOS and FortiProxy SSL-VPN appliances and could allow a remote attacker to execute arbitrary code or commands through carefully crafted requests.
Last month, Fortinet released patches for versions 6.0. 17, 6.2. 15, 6.4. 13, 7.0. 12 and 7 point two. 5, but the business acknowledged that it may have been "exploited in a limited number of cases" in attacks against the manufacturing, critical infrastructure, and government sectors.
Further investigation by Bishop Fox revealed that 153,414 of the discovered appliances had been upgraded to a patched FortiOS version.
A significant finding was that many of the Fortinet devices that were available to the general public were still running versions 5 and 6 of FortiOS, which had not been updated in the previous eight years.
It's critical that users act quickly to update to the newest version as soon as possible given that security flaws in Fortinet devices have historically been lucrative attack vectors.
Offline