{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T00:24:18.909","vulnerabilities":[{"cve":{"id":"CVE-2023-27997","sourceIdentifier":"psirt@fortinet.com","published":"2023-06-13T09:15:16.613","lastModified":"2025-10-24T12:54:54.460","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"cisaExploitAdd":"2023-06-13","cisaActionDue":"2023-07-04","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability","weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.0","versionEndIncluding":"1.1.6","matchCriteriaId":"E6BBF05F-4967-4A2E-A8F8-C2086097148B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.2.0","versionEndIncluding":"1.2.13","matchCriteriaId":"33B84D9A-55E3-4146-A55A-ACB507E61B05"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.0.12","matchCriteriaId":"7C1D5E6B-A23E-4A92-B53C-720AFEB1B951"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.9","matchCriteriaId":"DAC18F7E-5242-4F36-BB42-FEC33B3AC075"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndIncluding":"7.2.3","matchCriteriaId":"3A99FF48-370E-4D2A-B5CC-889EA21AB213"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.16","matchCriteriaId":"8EA5512D-6EE5-4DF3-A960-C02394F25225"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndIncluding":"6.2.13","matchCriteriaId":"3CD57A5A-2B13-495A-8530-8F97E1720602"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndIncluding":"6.4.12","matchCriteriaId":"5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.11","matchCriteriaId":"C2573C90-BE6A-4D5D-A223-F09213318909"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndIncluding":"7.2.4","matchCriteriaId":"4AB643A8-B52F-4D54-B816-28A6401BAA25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.12","versionEndIncluding":"6.0.16","matchCriteriaId":"6D997493-24C2-4A78-9DF0-6438E9415A3C"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.9","versionEndIncluding":"6.2.13","matchCriteriaId":"0A0D0D55-1A51-454D-A8B1-D7100D453102"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*","matchCriteriaId":"FA6AF1FA-A034-439A-876B-BFA1BE7DE15E"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*","matchCriteriaId":"9694FC0C-408A-4892-ADD1-F36F4BBBD9EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*","matchCriteriaId":"2B8A132F-601F-4129-BFCA-3A976A711D5A"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*","matchCriteriaId":"90600B14-07C4-455D-9FC1-17034D91B987"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*","matchCriteriaId":"B28478DA-8D10-4A8E-81EA-D3DF421E5089"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*","matchCriteriaId":"C2F935F9-5B6A-47C2-8F65-7A1E8BB061FF"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*","matchCriteriaId":"751D2FC7-482F-4C6B-95DB-244004A2738E"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*","matchCriteriaId":"EEE44B20-6F00-4962-9929-5A5054BBA94C"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*","matchCriteriaId":"EB2FF1DA-001B-4CA1-9F46-427D9C92CBC6"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","matchCriteriaId":"48D0E8CC-3815-4697-86D0-DC7F66E70520"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","matchCriteriaId":"78C6C937-4477-438D-A252-E4102D758120"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fortinet:fortigate_6000:-:*:*:*:*:*:*:*","matchCriteriaId":"3BB410C9-CDD4-4068-97E0-6D83AE62B7F1"},{"vulnerable":false,"criteria":"cpe:2.3:h:fortinet:fortigate_7000:-:*:*:*:*:*:*:*","matchCriteriaId":"E0CBA773-10C1-410D-BB01-771F454ABEBA"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-23-097","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.com/psirt/FG-IR-23-097","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27997","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}