CVE-2023-28002

Summary

CVE-2023-28002 is an improper validation of integrity check value vulnerability found in FortiOS versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4, 6.2, and 6.0, as well as FortiProxy versions 7.2 and 7.0 VMs. This vulnerability allows a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place. The affected products include iASMZA, qXFuId, qXFuIe, sHmZSX, sB94_g, sB94_h, sB94_c, kZ4fLJ, sB94_d, kZ4fLK, sB94_e, sB94_f, kZ4fLL, kZ4fLM, kZ4fLN, sE9wTZ, sE9wTa, kZ4fLO, kZ4fLP, sI_3zE and more. To remediate this vulnerability, it is recommended to upgrade to a patched version of the affected software as soon as possible to prevent any potential danger it poses to an organization's data integrity and confidentiality. (Note: The information provided above is based on the available text only and does not include additional research or analysis.)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.