Friday 9th February 2024

[SEWAN] Technical maintenance - 09/02 to 11/02, scheduled 10 months ago

Dear Partner,

 

a Fortinet OS security breach has been detected in our Fortinet Firewall platforms concerning the SSL-VPN. This is an "N-Day" vunerability, i.e. a global and major breach that impacts all customers on a very large number of deployed versions. Fortinet has issued a statement on the subject, on a dedicated page.

 

What does this mean? The detected breach is a vulnerability in the Firewall SSL VPN process, enabling a potential attacker (a Hacker) to execute unauthorized code or commands in the system. How does Sewan react to this vulnerability? As soon as the breach was detected, the security teams in Sewan's Technical Department took Fortinet's actions into account and planned an update of all OS versions deployed among Sewan's partners and customers.

 

We recommend that you temporarily disable SSL VPN on your Fortinet interface while our teams perform the upgrade.

 

Update planning :

• Cluster 1 : 09/02/2024 PM

• Cluster 2 : 11/02/2024 PM

• Cluster 3 : 11/02/2024 PM

• Cluster 4 : 09/02/2024 PM

• Cluster 6 : 11/02/2024 PM

• Cluster 7 : 11/02/2024 PM

• Cluster 8 : 09/02/2024 PM

• Cluster HDS : 09/02/2024 PM

This should only cause a small cut, in the worst case.

 

We remain at your disposal for any further information.

 

Sewan Technical Team