Connect with us

Hi, what are you looking for?



Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution

Fortinet patches a critical-severity vulnerability in FortiOS and FortiProxy that could lead to remote code execution.

Fortinet on Tuesday announced security updates that address a critical-severity vulnerability in FortiOS and FortiProxy that could be exploited for remote code execution (RCE).

Tracked as CVE-2023-33308 (CVSS score of 9.8), the bug is described as a stack-based overflow issue impacting the deep inspection function in proxy mode.

“A stack-based overflow vulnerability in FortiOS & FortiProxy may allow a remote attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection,” Fortinet explains in an advisory.

Because the issue only occurs if deep inspection is enabled on proxy policies or firewall policies with proxy mode, disabling the function prevents exploitation, the cybersecurity firm explains.

The vulnerability impacts FortiOS and FortiProxy versions 7.2.x and 7.0.x and was resolved in FortiOS versions 7.4.0, 7.2.4, and 7.0.11, and FortiProxy versions 7.2.3 and 7.0.10.

Fortinet noted that the bug was addressed in a previous release, without an advisory.

On Tuesday, the company also announced patches for a medium-severity FortiOS vulnerability that could allow an attacker to reuse a deleted user’s session.

Advertisement. Scroll to continue reading.

Tracked as CVE-2023-28001, the flaw exists because an “existing websocket connection persists after deleting API admin”.

“An insufficient session expiration vulnerability in FortiOS REST API may allow an attacker to reuse the session of a deleted user, should the attacker manage to obtain the API token,” Fortinet explains.

The vulnerability impacts FortiOS versions 7.2.x and 7.0.x and was addressed in FortiOS version 7.4.0.

Fortinet users are advised to apply the patches as soon as possible. Unpatched Fortinet products are known to have been exploited in malicious attacks.

Related: Fortinet Patches Critical RCE Vulnerability in FortiNAC

Related: Fortinet Patches Critical FortiGate SSL VPN Vulnerability

Related: Fortinet Patches Critical Vulnerability in Data Analytics Solution

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.