"Fortinet Patches Pre-auth RCE, Update Your Fortigate Firewalls ASAP!"

Fortinet has released multiple versions of FortiOS, the operating system/firmware powering its Fortigate firewalls and other devices. They contain a fix for CVE-2023-27997, a Remote Code Execution (RCE) vulnerability that an unauthenticated attacker can exploit. The vulnerability has been patched in FortiOS versions 7.2.5, 7.0.12, 6.4.13, and 6.2.15, and also in v6.0.17. Enterprise administrators are urged to upgrade Fortigate devices as soon as possible. If attackers are not already abusing the flaw, it is likely that it will be exploited soon. This article continues to discuss the RCE flaw and the importance of patching quickly. 

Help Net Security reports "Fortinet Patches Pre-auth RCE, Update Your Fortigate Firewalls ASAP!"