Fortinet SSL-VPN Exploit


We have completed our process of evaluating and patching for this vulnerability.


On June 12th Fortinet publicly announced a critical zero-day vulnerability for Fortinet Firewalls. The exploit allows attackers to bypass MFA and authentication for remote access VPN connections.

Magna5 has been actively patching Fortinet Firewalls since June 9th with the firmware that contained the remediations. The Magna5 private cloud firewalls were patched on June 10th to safeguard hosted clients.

The Magna5 cybersecurity and network engineering teams have been working 24/7 to ensure all clients with Managed Fortinet Firewalls are fully patched against this vulnerability.

For additional information regarding this vulnerability, please see the official announcement from Fortinet.
Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign | Fortinet Blog

Began at:

Affected components
  • General Maintenance Notifications
  • Monitoring Platforms
  • Cloud Hosting
    • WPA Datacenter
    • VA Datacenter
  • Backup & Disaster Recovery
  • Cybersecurity Platforms