A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
Published 2023-06-13 09:15:17
Updated 2024-06-27 19:12:51
View at NVD,   CVE.org
Vulnerability category: OverflowExecute code

CVE-2023-27997 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.
Notes:
https://www.fortiguard.com/psirt/FG-IR-23-097
Added on 2023-06-13 Action due date 2023-07-04

Exploit prediction scoring system (EPSS) score for CVE-2023-27997

13.33%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-27997

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
9.8
CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.9
5.9
NIST
9.8
CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.9
5.9
Fortinet, Inc.

CWE ids for CVE-2023-27997

  • A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
    Assigned by: psirt@fortinet.com (Secondary)
  • The product writes data past the end, or before the beginning, of the intended buffer.
    Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-27997

Products affected by CVE-2023-27997

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!