Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

February 6, 2024 at 08:37AM

Fortinet’s FortiSIEM product is affected by two critical vulnerabilities (CVE-2024-23108 and CVE-2024-23109), each rated 10 on the CVSS scale. Both allow remote code execution by unauthenticated attackers. The affected versions are listed below, and Fortinet recommends upgrading to version 7.1.2 to address them.

Key takeaways from the report:

– Fortinet’s FortiSIEM product is vulnerable to two new maximum-severity security vulnerabilities (CVE-2024-23108 and CVE-2024-23109) that allow for remote code execution.
– Both vulnerabilities carry provisional CVSS scores of 10, indicating that they can be exploited remotely by unauthenticated attackers, with low attack complexity and no user interaction.
– Fortinet’s advisory links to an older issue, suggesting that the new vulnerabilities may be similar in nature to the one fixed in October 2023 but affecting newer FortiSIEM versions.
– The National Vulnerability Database listings for CVE-2024-23108 and CVE-2024-23109 indicate that both vulnerabilities are currently under review.
– The following FortiSIEM versions are confirmed to be vulnerable: 7.1.0 through 7.1.1, 7.0.0 through 7.0.2, 6.7.0 through 6.7.8, 6.6.0 through 6.6.3, 6.5.0 through 6.5.2, and 6.4.0 through 6.4.2.
– Customers are advised to upgrade to version 7.1.2 or wait for upcoming versions to address the vulnerabilities.
– Fortinet will be releasing new versions for 7.0.x, 6.7.x, 6.6.x, 6.5.x, and 6.4.x, but an expected date has not been specified.
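The affected ranges and the single fixed release above are exactly the data a defender needs to triage an asset inventory. The following Python is an added example, not code from the article or from Fortinet: it encodes the version ranges the report lists, compares versions numerically (so 6.7.10 is not mistaken for a release below 6.7.8), and deliberately reports versions the advisory does not mention as "not listed" rather than "safe". The hostnames and versions in the sample inventory are constructed.

```python
"""Triage an inventory of FortiSIEM versions against the ranges named in the report.

Added example. Affected ranges and the 7.1.2 fix version are taken from the
article above; the sample inventory below is constructed for illustration.
"""

# Inclusive affected ranges (low, high) as stated in the report.
AFFECTED_RANGES = [
    ("7.1.0", "7.1.1"),
    ("7.0.0", "7.0.2"),
    ("6.7.0", "6.7.8"),
    ("6.6.0", "6.6.3"),
    ("6.5.0", "6.5.2"),
    ("6.4.0", "6.4.2"),
]

# The only fixed release the report names; other branches have fixes pending.
FIXED_VERSIONS = {"7.1.2"}


def parse_version(text: str) -> tuple:
    """Turn '7.1.2' into (7, 1, 2) so comparisons are numeric, not lexical."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiSIEM version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Classify one version as 'affected', 'fixed', or 'not listed'."""
    v = parse_version(version)
    if version.strip() in FIXED_VERSIONS:
        return "fixed"
    for low, high in AFFECTED_RANGES:
        if parse_version(low) <= v <= parse_version(high):
            return "affected"
    # Neither inside an affected range nor a named fix: the report says
    # nothing about this version, so it must not be reported as safe.
    return "not listed"


def recommended_action(version: str) -> str:
    """Map a version to the action the report supports for its branch."""
    status = assess(version)
    if status == "fixed":
        return "no action"
    if status == "not listed":
        return "not covered by the report; check the current vendor advisory"
    major, minor, _ = parse_version(version)
    if (major, minor) == (7, 1):
        return "upgrade to 7.1.2"
    return f"await the vendor's fixed release for {major}.{minor}.x"


def triage(inventory: dict) -> dict:
    """Return {hostname: (status, action)} for a {hostname: version} mapping."""
    return {host: (assess(ver), recommended_action(ver)) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are not from the article).
    sample = {
        "siem-prod-01": "7.1.1",
        "siem-prod-02": "7.1.2",
        "siem-dr-01": "6.7.8",
        "siem-lab-01": "6.7.10",
        "siem-legacy": "6.3.5",
    }
    for host, (status, action) in triage(sample).items():
        print(f"{host:14} {sample[host]:8} {status:11} {action}")
```

Run stand-alone, the script prints one line per host. Two details matter in practice: a version above the top of a listed range (such as the constructed 6.7.10) is not in any range the report gives and is flagged for re-checking rather than assumed fixed, and branches other than 7.1.x get "await" rather than an upgrade target because the report names no fixed release for them.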
