Severe Fortinet SSL-VPN Vulnerability – rating 9.2

Patch available for CVE-2023-27997.

Severe Fortinet SSL-VPN Vulnerability – rating 9.2

Multiple versions of Fortinet Fortigate devices have been found to have a serious vulnerability when SSL VPN is enabled. This leak makes it easy for hackers to penetrate your Fortigate firewall, with all the consequences that entails.

This vulnerability - designated CVE-2023-27997 - has a rating of 9.2 on a scale of 10.

Two-step authentication offers no protection. The vulnerability affects requests in the pre-authentication phase of SSL-VPN.

69% of firewalls still not patched
One month after this notification, 69% of the Fortigate firewalls still have not received a software update. Be sure to patch your firewalls right away to prevent damage. 

Patch for CVE-2023-27997

Is your Fortinet's SSL VPN functionality activated? Then it is very important to protect your Fortinet firewall and thus your ICT network.
Patch your equipment to the latest version:

  • 6.0.17
  • 6.2.15
  • 6.4.13
  • 7.0.12
  • 7.2.5

Complex Update CVE-2023-27997 - Highest Priority

All Fortinet firewalls of customers managed by us were immediately updated by our engineers on the same day of the patch release. This has resolved the SSL-VPN vulnerability.

Due to the complexity, we advise you to have the patch performed by a specialist. Our engineers know exactly how to help you.

Source reference:

Link 1:

Link 2:

Link 3: 

Need help with this patch?

Have you not patched this serious vulnerability yet?
Are you unsure which version your Fortinet equipment has?
Contact us for a swift and secure solution.

Call us: 0478 568 586 of Please contact us

Get in touch?

Please leave your details and we will contact you!

Created by