Researchers warn unpatched Fortinet firewalls are exposed to critical vulnerability

Security researchers at Bishop Fox LLC Friday issued a warning that hundreds of thousands of Fortinet Inc. firewalls remain vulnerable to attack because they weren’t patched following the disclosure of a critical vulnerability in June.

The vulnerability, designated as CVE-2023-27997, is a “heap overflow” issue found in FortiOS, the operating system that powers FortiGate firewalls. The vulnerability, which is ranked as 9.8 Critical, allows an attacker to undertake remote code execution and potentially run arbitrary code on a vulnerable system.

The vulnerability affects the system’s secure sockets layer virtual private network interfaces. The Bishop Fox researchers estimate that about 490,000 are exposed on the internet. Although Fortinet has released a patch, about 69% remain unpatched, leaving them vulnerable to potential exploits.

To prove the risk presented by the vulnerability, Bishop Fox’s Capability Development team developed an exploit that involves remotely executing code that compromises the target system, allowing it to connect back to a server controlled by an attacker. Once a connection is established, the exploit downloads a binary and opens an interactive shell on the target device.

The researchers conclude by advising all Fortinet FortiGate firewall users to install the patch as soon as possible.

“The seriousness of this cannot be understated,” Timothy Morris, chief security Advisor at endpoint management company Tanium Inc., told SiliconANGLE. “Sysadmins should patch as quickly as possible.” Morris added that though patching firmware can be more cumbersome and riskier when dealing with appliances that run application gateways, given the severity of the vulnerability, it’s critical they be patched.

Andre van der Walt, director of threat intelligence at managed detection and response firm Ontinue Inc., noted that this isn’t first the first time high-profile FortiGate vulnerabilities have been found.

“While the findings from Bishop Fox are shocking, they are not surprising as it mirrors the overall trend in patching lagging significantly behind addressing new exposure in the attack surface, regardless of the technology in question,” van der Walt said. “This serves as a timely reminder that organizations need to put in place robust vulnerability management measures that identify, prioritize and addresses urgent vulnerabilities like these. Ultimately, security systems also need to be actively maintained to a high level.”

Image: Fortinet