According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a known vulnerability and are at risk of being attacked by threat actors using the unpatched vulnerability.

TechRadar is reporting that the firewalls are vulnerable to CVE-2023-27997, and a patch has been issued by Fortinet to address vulnerable endpoints.

It is recommended that Fortinet firewalls be patched against this critical vulnerability as soon as possible to versions 7.2.5, 7.0.12, 6.4.13 or 6.2.15 to address the risk.