This incident has been resolved.
Ekco have been made aware of the following issue with FortiOS: https://www.fortiguard.com/psirt/FG-IR-23-001. We are investigating the issue as a matter of urgency and will be contacting customers to advise what action to take.
FortiGate/FortiProxy Heap buffer underflow in administrative interface - CVE-2023-25610
Overview
Fortinet have announced a new Critical vulnerability (tracked as CVE-2023-25610) affecting FortiGate firewalls and FortiProxy web proxies. The security flaw is an authentication bypass on the administrative interface that could allow attackers to execute arbitrary code on the device and/or perform a DoS on the GUI.
"A buffer underwrite ('buffer underflow') vulnerability in FortiOS & FortiProxy administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically crafted requests," Fortinet explains in a customer support bulletin.
The complete list of products vulnerable to attacks attempting to exploit the CVE-2023-25610 flaw includes:
• FortiOS version 7.2.0 through 7.2.3
• FortiOS version 7.0.0 through 7.0.9
• FortiOS version 6.4.0 through 6.4.11
• FortiOS version 6.2.0 through 6.2.12
• FortiOS 6.0 all versions
• FortiProxy version 7.2.0 through 7.2.2
• FortiProxy version 7.0.0 through 7.0.8
• FortiProxy version 2.0.0 through 2.0.11
• FortiProxy 1.2 all versions
• FortiProxy 1.1 all versions
How do I Remediate?
Recommendation – Prevention
Upgrade FortiOS and FortiProxy to the versions below, and restrict access to the management interface:
• Please upgrade to FortiOS version 7.4.0 or above
• Please upgrade to FortiOS version 7.2.4 or above
• Please upgrade to FortiOS version 7.0.10 or above
• Please upgrade to FortiOS version 6.4.12 or above
• Please upgrade to FortiOS version 6.2.13 or above
• Please upgrade to FortiProxy version 7.2.3 or above
• Please upgrade to FortiProxy version 7.0.9 or above
• Please upgrade to FortiProxy version 2.0.12 or above
• Please upgrade to FortiOS-6K7K version 7.0.10 or above
• Please upgrade to FortiOS-6K7K version 6.4.12 or above
• Please upgrade to FortiOS-6K7K version 6.2.13 or above
• Disable the exposure of Fortinet management interfaces to the internet if possible
• Limit IP addresses that can reach the administrative interface using a whitelisting policy.
Recommendation - Detection
• Examine the FortiGate/FortiProxy version currently in use to see if it is impacted.
• Use vulnerability scanning tools to detect whether the vulnerability exists.
• Use SIEM to detect possible exploitation attempts on the internet perimeter.
The SOC team are monitoring SIEM tenancies closely to detect any threat activity, and IOCs are being issued from Threat Intelligence sources in real time.
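The first detection step above, as an added example (not Ekco's or Fortinet's code): a Python check that reads the version line from `get system status` output and compares it with the affected ranges listed in this advisory. The host names, build fields, model-to-product mapping and FortiProxy line layout are constructed assumptions, and FortiOS-6K7K is not handled.

```python
import re

# Affected branches as listed in the advisory above:
# (major, minor) -> highest affected patch level; None means all versions.
AFFECTED = {
    "FortiOS": {(7, 2): 3, (7, 0): 9, (6, 4): 11, (6, 2): 12, (6, 0): None},
    "FortiProxy": {(7, 2): 2, (7, 0): 8, (2, 0): 11, (1, 2): None, (1, 1): None},
}
# Hardware/VM model prefixes mapped to the software they run (assumed mapping).
PRODUCT_OF = {"FortiGate": "FortiOS", "FortiWiFi": "FortiOS", "FortiProxy": "FortiProxy"}
# Version line of `get system status`; exact layout is assumed from typical output.
VERSION_RE = re.compile(r"Version:\s*(Forti[A-Za-z]+)\S*\s+v(\d+)\.(\d+)\.(\d+)")

def assess(status_line):
    """Return (product, version, verdict), or None if the line cannot be parsed."""
    m = VERSION_RE.search(status_line)
    product = PRODUCT_OF.get(m.group(1)) if m else None
    if product is None:
        return None
    major, minor, patch = (int(g) for g in m.group(2, 3, 4))
    version = f"{major}.{minor}.{patch}"
    branches = AFFECTED[product]
    if (major, minor) not in branches:
        # The affected list does not cover this branch; say so instead of "fixed".
        return product, version, "branch not in affected list"
    last_bad = branches[(major, minor)]
    if last_bad is None:
        return product, version, "affected: no fixed release listed on this branch"
    if patch <= last_bad:
        # Each fixed release in the advisory is one patch above the last affected one.
        return product, version, f"affected: upgrade to {major}.{minor}.{last_bad + 1} or above"
    return product, version, "fixed"

def triage(inventory):
    """Map host -> assessment for hosts that are affected or could not be parsed."""
    results = {host: assess(line) for host, line in inventory.items()}
    return {h: r for h, r in results.items() if r is None or r[2].startswith("affected")}

# Constructed inventory: host names and build fields are placeholders.
INVENTORY = {
    "fw-edge-01": "Version: FortiGate-60F v7.0.9,build0000,000000 (GA)",
    "fw-edge-02": "Version: FortiGate-100F v7.2.4,build0000,000000 (GA)",
    "proxy-01": "Version: FortiProxy-VM64 v1.2.13,build0000,000000 (GA)",
    "fw-lab-01": "Version: unknown",
}

if __name__ == "__main__":
    print(triage(INVENTORY))
```

Hosts whose version line cannot be parsed are kept in the triage output with a `None` result so they are checked by hand.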