CVE-2023-27997CISA KEVEPSS p99.7%

CVE-2023-27997Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

Fortinet / FortiOS and FortiProxy SSL-VPN

Description

Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.

Scoring

EPSS85.69% probability of exploitation · percentile 99.7% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2023-06-13

(incoming)1

TypeTargetConfidenceTier
KEVEntryFortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerabilitykev-cve-2023-279970%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2022-42475
CVE
Fortinet FortiOS and FortiProxy Out-of-bounds Write
CVE
CVE-2025-25249
CVE
CVE-2026-22828
CVE
Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
CVE
Fortinet FortiOS Out-of-Bound Write Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.