Unrated severityCISA KEVNVD Advisory· Published Jun 13, 2023· Updated Oct 21, 2025
CVE-2023-27997
CVE-2023-27997
Description
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
Affected products
5<=7.2.3+ 1 more
- (no CPE)range: <=7.2.3
- (no CPE)range: 7.2.0
Patches
Vulnerability mechanics
References
1News mentions
1- Operation Escaneo Signals Shift in LatAm Threat LandscapeDark Reading · Jun 18, 2026