CVE-2023-27997 Lack of detail, but can we find hints? (12th June 2023)

Preface: If you need to push audio/video traffic over the tunnel DTLS can be a huge performance improvement.

Background: Preferred DTLS Tunnel
If enabled, FortiClient uses DTLS if it is enabled on the FortiGate and tunnel establishment is successful. If not enabled on the FortiGate or tunnel establishment does not succeed, TLS is used. DTLS tunnel uses UDP instead of TCP and can increase throughput over VPN.
When disabled, FortiClient uses TLS, even if DTLS is enabled on FortiGate.

Vulnerability details: Fortinet has released firmware updates their pre-authentication remote code execution vulnerability in SSL VPN devices.
The security fixes were released on Friday in FortiOS firmware versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5.

Details of the vulnerability displayed above: Please refer to the bleepingcomputer –

My observation: Since no details provided by vendor. So, my assumptions can be find in attached diagram.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.