M247 Security Alert – Fortinet Vulnerability CVE-2023-25610 - Issue resolved
M247 have been made aware and are currently investigating the Fortinet CVE-2023-25610 Published on Tuesday 7th March 2023.
This CVE is a critical Vulnerability scoring 9.3 on the CVSS rating. Further information on this vulnerability can be found https://www.fortiguard.com/psirt/FG-IR-23-001
This is linked to Fortinet products using the following:
FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.9
FortiOS version 6.4.0 through 6.4.11
FortiOS version 6.2.0 through 6.2.12
FortiOS 6.0 all versions
FortiProxy version 7.2.0 through 7.2.2
FortiProxy version 7.0.0 through 7.0.8
FortiProxy version 2.0.0 through 2.0.11
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions
Remediation: Fortinet has recommended the following remediation activity:
Please upgrade to FortiOS version 7.4.0 or above
Please upgrade to FortiOS version 7.2.4 or above
Please upgrade to FortiOS version 7.0.10 or above
Please upgrade to FortiOS version 6.4.12 or above
Please upgrade to FortiOS version 6.2.13 or above
Please upgrade to FortiProxy version 7.2.3 or above
Please upgrade to FortiProxy version 7.0.9 or above
Please upgrade to FortiProxy version 2.0.12 or above
Please upgrade to FortiOS-6K7K version 7.0.10 or above
Please upgrade to FortiOS-6K7K version 6.4.12 or above
Please upgrade to FortiOS-6K7K version 6.2.13 or above
Affected Customers: This will only affect Dedicated Firewall Customers of M247
We want you to know that we take this issue very seriously. Please accept our sincere apologies for any inconvenience this may cause.
Our M247 Support Team will be in contact as soon as possible to remediate this matter.
If you have any queries, please contact our support team on 0161 822 2580 (opt 1, opt 1), or email us at ticket@m247.com.
Regards
M247 Support