---
licence_title: Creative Commons Attribution 4.0 International (CC-BY 4.0)
licence_link: https://creativecommons.org/licenses/by/4.0/
licence_restrictions: https://cert.europa.eu/legal-notice
licence_author: CERT-EU, The Cybersecurity Service for the European Union institutions, bodies, offices and agencies
title: 'RCE Vulnerability in FortiOS and FortiProxy'
version: '1.0'
number: '2023-047'
original_date: 'July 11, 2023'
date: 'July 13, 2023'
---

_History:_

* _13/07/2023 --- v1.0 -- Initial publication_

# Summary

On July 11, 2023, Fortinet released an advisory regarding a critical vulnerability in FortiOS and FortiProxy that may allow remote attackers to execute arbitrary code or commands via crafted packets [1]. The vulnerability is tracked as `CVE-2023-33308` and has a CVSS score of 9.8. Given the level of access to and control over the network that exploitation would grant, we recommend updating as soon as possible.

# Technical Details

The vulnerability is a stack-based overflow in FortiOS and FortiProxy. A remote attacker can send crafted packets that reach proxy policies, or firewall policies in proxy mode, that have SSL deep packet inspection enabled, and thereby execute arbitrary code or commands.

# Affected Products

- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.10
- FortiProxy version 7.2.0 through 7.2.2
- FortiProxy version 7.0.0 through 7.0.9

# Recommendations

CERT-EU strongly recommends upgrading affected FortiOS and FortiProxy products to the latest version.

## Workaround

It is possible to disable HTTP/2 support on the SSL inspection profiles used by proxy policies or by firewall policies in proxy mode [1,2].

# References

[1]

[2]
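As an added example, not part of the CERT-EU advisory or of Fortinet's tooling, the following Python check scans a FortiOS-style configuration export for the exposure described in the workaround above: proxy-mode policies whose SSL inspection profile still allows HTTP/2 to be negotiated. The CLI key names `ssl-ssh-profile`, `supported-alpn` and `inspection-mode`, and the assumed permissive default for `supported-alpn`, are assumptions that should be verified against the device's own configuration reference.

```python
# Constructed FortiOS-style config excerpt (not from the advisory). The keys
# ssl-ssh-profile, supported-alpn and inspection-mode are assumed CLI names.
SAMPLE_CONFIG = """
config firewall ssl-ssh-profile
    edit "deep-h2"
        set supported-alpn all
    next
    edit "deep-h1"
        set supported-alpn http1-1
    next
end
config firewall policy
    edit 1
        set inspection-mode proxy
        set ssl-ssh-profile "deep-h2"
    next
    edit 2
        set inspection-mode proxy
        set ssl-ssh-profile "deep-h1"
    next
end
"""

def parse_blocks(text):
    """Flatten config/edit/set/next/end lines into {block: {entry: {key: value}}}."""
    blocks, block, entry = {}, None, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("config "):
            block = blocks.setdefault(line[7:], {})
        elif line.startswith("edit ") and block is not None:
            entry = block.setdefault(line[5:].strip('"'), {})
        elif line.startswith("set ") and entry is not None:
            key, _, value = line[4:].partition(" ")
            entry[key] = value.strip('"')
        elif line in ("next", "end"):  # leave the current entry / block
            entry, block = None, (block if line == "next" else None)
    return blocks

def exposed_policies(text):
    """(policy_id, profile) for proxy-mode policies whose profile still allows HTTP/2."""
    cfg = parse_blocks(text)
    profiles = cfg.get("firewall ssl-ssh-profile", {})
    hits = []
    for pid, pol in cfg.get("firewall policy", {}).items():
        if pol.get("inspection-mode") != "proxy":
            continue  # flow-mode policies do not reach the proxy code path
        prof = pol.get("ssl-ssh-profile", "")
        # A missing supported-alpn is treated as 'all' (assumed permissive default).
        if profiles.get(prof, {}).get("supported-alpn", "all") in ("all", "http2"):
            hits.append((pid, prof))
    return hits
```

Run against a real export (`show full-configuration` output), only policy 1 above would be reported, since policy 2 references the profile restricted to HTTP/1.1.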