Fortinet FortiSIEM Vulnerability Allows Attackers to Execute Unauthorized Code or Commands via API Requests
CVE-2024-23108
Key Information
- Vendor
- Fortinet
- Status
- Fortisiem
- Vendor
- CVE Published:
- 5 February 2024
Badges
Summary
The vulnerability CVE-2024-23108 in Fortinet's FortiSIEM allows for remote, unauthenticated command execution as root. The vulnerability affects multiple versions of FortiSIEM and has a critical CVSS3 score of 10.0. A proof-of-concept (PoC) exploit has been released, and Fortinet users are advised to apply the latest patches and review their system logs for signs of compromise. Exploitation of the vulnerability can lead to remote code execution as root, and it is important for organizations to address this issue promptly. Although it has not been exploited by ransomware groups, the potential impact of this vulnerability is severe.
Affected Version(s)
FortiSIEM <= 7.1.1
FortiSIEM <= 7.0.2
FortiSIEM <= 6.7.8
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool
7 months ago
Le vulnerabilità critiche nei dispositivi FortiSIEM, macOS e Glibc
Le vulnerabilità scoperte possono avere conseguenze devastanti per la privacy e l'integrità dei dati, oltre che per la continuità operativa.
7 months ago
Refferences
CVSS V3.1
Timeline
- 🔴
Public PoC available
- 👾
Exploit known to exist
First article discovered by The Register
Vulnerability published
Vulnerability Reserved