Fortinet FortiSIEM Vulnerability Allows Attackers to Execute Unauthorized Code or Commands via API Requests
CVE-2024-23109
Summary
A security vulnerability has been identified in Fortinet's FortiSIEM: improper neutralization of special elements used in an OS command (CWE-78, OS command injection). The flaw affects several release branches, from 6.4.x through 7.1.1. A remote, unauthenticated attacker can exploit it by sending specially crafted API requests, leading to execution of unauthorized commands or code on the appliance. The advisory underlines the need to apply Fortinet's fixed releases promptly and, until that is done, to keep the FortiSIEM API from being reachable from untrusted networks. Reference: FortiGuard PSIRT.
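The vulnerability class above, as an added illustration that is not FortiSIEM's code and does not reproduce the actual flaw: a hypothetical API handler takes a `host` parameter from the request and runs a diagnostic tool against it. The parameter name, the hostname allow-list and the use of `printf` as a stand-in for the real tool are all assumptions made so the example runs offline with a POSIX sh. The vulnerable form pastes the parameter into a shell string; the hardened form validates it against an allow-list and calls the tool with an argv list and no shell.

```python
import re
import subprocess

# Added example, not FortiSIEM code. A hypothetical API handler takes a "host"
# parameter from the request and runs a diagnostic tool against it. `printf`
# stands in for the real tool so the example runs anywhere with a POSIX sh.

# RFC 1123-style hostname: labels of letters, digits and hyphens, joined by dots,
# no label starting or ending with a hyphen, at most 253 characters overall.
_HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$"
)


def is_valid_hostname(host: str) -> bool:
    """Allow-list check: accept only characters that can appear in a hostname."""
    return bool(_HOSTNAME_RE.match(host))


def lookup_vulnerable(host: str) -> str:
    """CWE-78: the parameter is pasted into a shell string and handed to /bin/sh.

    A value such as "example.com; printf INJECTED" terminates the intended
    command and starts a second one, so the attacker's text is executed.
    """
    cmd = f"printf '%s' {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def lookup_argv_only(host: str) -> str:
    """No shell: the parameter becomes a single argv element and is never re-parsed.

    Shell metacharacters are passed through literally. This alone stops shell
    injection, but the tool itself still receives arbitrary bytes, so the
    allow-list check in lookup_hardened() is still wanted.
    """
    return subprocess.run(["printf", "%s", host], capture_output=True, text=True).stdout


def lookup_hardened(host: str) -> str:
    """Reject anything that is not a hostname, then call the tool without a shell."""
    if not is_valid_hostname(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    return lookup_argv_only(host)


if __name__ == "__main__":
    payload = "example.com; printf INJECTED"  # constructed attacker input
    print("vulnerable:", repr(lookup_vulnerable(payload)))  # 'example.comINJECTED'
    print("argv only: ", repr(lookup_argv_only(payload)))   # payload echoed verbatim
    try:
        lookup_hardened(payload)
    except ValueError as exc:
        print("hardened:  ", exc)
    print("hardened ok:", repr(lookup_hardened("example.com")))
```

The point of the two defences is that they fail independently: dropping `shell=True` removes the parser that turns `;` into a command separator, and the allow-list keeps hostile input away from the tool even if some future code path reintroduces a shell. Either change alone would have blocked the constructed payload; together they leave no string interpolation for a later edit to get wrong.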
Affected Version(s)
FortiSIEM 7.1.1
FortiSIEM 7.0.0 through 7.0.2
FortiSIEM 6.7.0 through 6.7.8
News Articles
Critical vulnerabilities in FortiSIEM devices, macOS and Glibc
The vulnerabilities discovered can have devastating consequences for data privacy and integrity, as well as for operational continuity.
8 months ago
New Fortinet RCE vulnerability potentially under exploitation
The FortiOS bug was patched a day after Volt Typhoon exploitation of past bugs was revealed.
11 months ago
Fortinet snafu: Critical FortiSIEM CVEs are duplicates, issued in error
It turns out that critical Fortinet FortiSIEM vulnerabilities tracked as CVE-2024-23108 and CVE-2024-23109 are not new and have been published this year in error.
11 months ago
Timeline
- First article discovered by The Register
- Vulnerability published
- Vulnerability reserved