Fortinet FortiSIEM Vulnerability Allows Attackers to Execute Unauthorized Code or Commands via API Requests

CVE-2024-23108

9.7 CRITICAL

Key Information

Vendor: Fortinet
Status: FortiSIEM
CVE Published: 5 February 2024

Badges

👾 Exploit Exists | 🔴 Public PoC | 📰 News Worthy

Summary

The vulnerability CVE-2024-23108 in Fortinet's FortiSIEM allows for remote, unauthenticated command execution as root. The vulnerability affects multiple versions of FortiSIEM and has a critical CVSS3 score of 10.0. A proof-of-concept (PoC) exploit has been released, and Fortinet users are advised to apply the latest patches and review their system logs for signs of compromise. Exploitation of the vulnerability can lead to remote code execution as root, and it is important for organizations to address this issue promptly. Although it has not been exploited by ransomware groups, the potential impact of this vulnerability is severe.

Affected Version(s)

FortiSIEM <= 7.1.1

FortiSIEM <= 7.0.2

FortiSIEM <= 6.7.8

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. It is also a key component of weaponization, which could lead to ransomware.

News Articles

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool

7 months ago

Critical vulnerabilities in FortiSIEM devices, macOS and Glibc

The vulnerabilities discovered can have devastating consequences for data privacy and integrity, as well as for operational continuity.

7 months ago

References

CVSS V3.1

Score: 9.7
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • 🔴 Public PoC available

  • 👾 Exploit known to exist

  • First article discovered by The Register

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database
Mitre Database
1 Proof of Concept(s)
14 News Article(s)