A critical vulnerability in FortiGate SSL VPN could allow hackers to access vulnerable systems and inject malicious code, even if Multi-Factor Authentication (MFA) is enabled. CVE-2023-27997 is a critical heap buffer overflow vulnerability in the SSL-VPN pre-authentication module of Fortinet's FortiOS.
You can determine whether they are impacted by the FortiGate SSL VPN by comparing their product version number against the following vulnerable FortiOS versions.
Using ethical non-invasive scanning techniques, UpGuard can detect instances of a FortiOS SSL VPN interface.
The remote access module disappears when SSL VPN connections are disabled - Source: Fortinet.com Follow FortiOS Hardening Guidelines