PT-2025-1317 · Fortinet · Fortios

Published 2025-01-14 · Updated 2025-01-31 · CVE-2023-46715

CVSS v3.1: 5.0 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Fortinet FortiOS versions 7.2.6 and below
Fortinet FortiOS versions 7.4.0 through 7.4.1

Description

The issue is related to an origin validation error that allows an authenticated IPSec VPN user with dynamic IP addressing to send packets spoofing the IP of another user via crafted network packets. This can impact the integrity of protected information.

Recommendations

For Fortinet FortiOS versions 7.2.6 and below, update to a version above 7.2.6 to resolve the issue. For Fortinet FortiOS versions 7.4.0 through 7.4.1, update to a version above 7.4.1 to resolve the issue. As a temporary workaround, consider restricting access to the IPSec VPN feature until a patch is available.

Fix

Origin Validation Error

Weakness Enumeration

Related Identifiers

BDU:2025-01023
CVE-2023-46715

Affected Products

Fortios