Fortinet has rolled out security updates to patch a critical vulnerability in FortiOS and FortiProxy. This vulnerability, which has been assigned the identifier CVE-2023-33308 and carries a CVSS score of 9.8, could be exploited to execute remote code.
The bug in question is a stack-based overflow issue that impacts the deep inspection function in proxy mode. However, it is important to note that this problem only arises if the deep inspection is enabled on proxy policies or firewall policies using proxy mode. Fortinet advises that turning off this function will prevent any potential exploitation.
The affected versions of FortiOS and FortiProxy are 7.2.x and 7.0.x. Fortunately, the vulnerability has been addressed in the following versions: FortiOS 7.4.0, 7.2.4, and 7.0.11, as well as FortiProxy 7.2.3 and 7.0.10.
Read More: Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.