The report from CIRCL OSINT Feed details IDS alerts capturing repeated GET requests to the /remote/logincheck endpoint on Fortigate VPN devices, consistent with reconnaissance or exploitation attempts targeting CVE-2023-27997. The data does not specify affected versions or confirm exploitation success. Patch availability is not indicated in this report, and no known exploits in the wild have been reported. The activity is classified as low severity and categorized as reconnaissance network activity. The source IP involved is 64.62.197.167.

The impact is assessed as low based on the report's severity rating. The activity represents reconnaissance or exploitation attempts against Fortigate VPN devices but lacks confirmation of successful exploitation or widespread impact. No known exploits in the wild are reported, indicating limited immediate risk from this specific alert.

Patch status is not yet confirmed — check Fortinet's official advisories for current remediation guidance regarding CVE-2023-27997. Since no patch availability is indicated here, organizations using Fortigate VPN should monitor for unusual repeated requests to the /remote/logincheck endpoint and apply any vendor-recommended mitigations. No specific mitigation instructions are provided in this report.