1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

Known Exploited Vulnerabilities CVE-2023-27997 Mappings

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-27997 Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability primary_impact T1136 Create Account
Comments
This buffer overflow vulnerability allows adversaries to remotely execute arbitrary code via specially crafted requests. Adversaries have been observed adding accounts to config files
References
  1. https://www.rapid7.com/blog/post/2023/06/12/etr-cve-2023-27997-critical-fortinet-fortigate-remote-code-execution-vulnerability/
CVE-2023-27997 Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability exploitation_technique T1574 Hijack Execution Flow
Comments
This buffer overflow vulnerability allows adversaries to remotely execute arbitrary code via specially crafted requests. Adversaries have been observed adding accounts to config files
References
  1. https://www.rapid7.com/blog/post/2023/06/12/etr-cve-2023-27997-critical-fortinet-fortigate-remote-code-execution-vulnerability/
CVE-2023-27997 Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This buffer overflow vulnerability allows adversaries to remotely execute arbitrary code via specially crafted requests. Adversaries have been observed adding accounts to config files
References
  1. https://www.rapid7.com/blog/post/2023/06/12/etr-cve-2023-27997-critical-fortinet-fortigate-remote-code-execution-vulnerability/