338,000 unpatched FortiGate firewalls vulnerable to critical bug

July 5, 2023

According to Bishop Fox, despite a patch provided in June, a critical bug in FortiGate firewalls that might allow attackers to take control of devices has not been addressed on more than 338,000 devices.

CVE-2023-27997, with a CVSS score of 9.8 out of 10, is a heap-based buffer overflow vulnerability that affects FortiOS and FortiProxy devices that have SSL-VPN enabled. Fortinet fixed it on June 8, however many devices have yet to be updated.

Researchers from Bishop Fox developed an exploit for the vulnerability that can be used to gain remote code execution on affected devices. They also found that a handful of devices are still running eight-year-old FortiOS software, which is even more vulnerable to attack. It did not stop there, as it investigation identified approximately 490,000 Fortinet SSL-VPN interfaces exposed on the internet, with 69 percent (338,100) remaining unpatched.

Bishop Fox went on to demonstrate how the vulnerability could impair the system by causing heap damage, connecting to an attacker-controlled site, downloading a BusyBox file, and creating a shell.

The sources for this piece include an article in TheRegister.

Top Stories

Related Articles

June 9, 2026 Hackers exploited Meta’s AI-powered support chatbot to gain control of Instagram accounts, including several high-profile profiles. Meta more...

June 5, 2026 Security researchers have disclosed a new denial-of-service attack called HTTP/2 Bomb that can overwhelm major web servers more...

May 20, 2026 The Cybersecurity and Infrastructure Security Agency, the arm of the U.S. government tasked with protecting critical infrastructure more...

May 11, 2026 Instructure has restored access to its Canvas learning platform after a cyberattack disrupted service for universities and more...

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn