Twin Max-Severity Bugs Open Fortinet’s SIEM to Code Execution

February 6, 2024 at 03:09PM

Two critical command injection vulnerabilities (CVE-2024-23108 and CVE-2024-23109) in Fortinet’s FortiSIEM product have provisional CVSS scores of 10. These flaws impact multiple versions of FortiSIEM, potentially allowing threat actors to execute unauthorized code. The link provided by Fortinet leads to a write-up on a prior vulnerability, hinting at a potential connection. Dark Reading has requested further details from Fortinet.

Key takeaways:

1. Two critical vulnerabilities in Fortinet’s FortiSIEM product have been identified with provisional CVSS scores of 10.
2. The vulnerabilities are command injection flaws tracked under CVE-2024-23108 and CVE-2024-23109, potentially allowing threat actors to execute unauthorized code using crafted API requests.
3. FortiSIEM versions 7.1.0 through 7.1.1; 7.0.0 through 7.0.2; 6.7.0 through 6.7.8; 6.6.0 through 6.6.3; 6.5.0 through 6.5.2; and 6.4.0 through 6.4.2 are impacted by these vulnerabilities.
4. There may be a link between these new discoveries and a previous FortiSIEM vulnerability from October 2023, which was assigned a CVSS score of 9.7.
5. Dark Reading has reached out to Fortinet for additional details but has not yet received a response.
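A small inventory triage check built from the affected version ranges listed above (an added example, not code from Fortinet or the article). It compares versions numerically rather than as strings, so a patch number like 10 is not misordered before 8; the host inventory is constructed sample data.

```python
from typing import Dict, List, Tuple

# Affected FortiSIEM version ranges exactly as listed in the article (bounds inclusive).
AFFECTED_RANGES: List[Tuple[str, str]] = [
    ("7.1.0", "7.1.1"),
    ("7.0.0", "7.0.2"),
    ("6.7.0", "6.7.8"),
    ("6.6.0", "6.6.3"),
    ("6.5.0", "6.5.2"),
    ("6.4.0", "6.4.2"),
]


def parse_version(s: str) -> Tuple[int, int, int]:
    """Turn 'major.minor.patch' into an int tuple so comparison is numeric, not lexical."""
    parts = s.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiSIEM version string: {s!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the version falls inside any affected range from the advisory summary."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def triage(inventory: Dict[str, str]) -> List[str]:
    """Given {hostname: version}, return the hosts that need the FortiSIEM fix, sorted."""
    return sorted(host for host, ver in inventory.items() if is_affected(ver))


# Constructed sample inventory (hypothetical hostnames and versions, not from the page).
SAMPLE_INVENTORY = {
    "siem-prod-01": "7.0.2",   # inside 7.0.0-7.0.2
    "siem-prod-02": "7.1.2",   # above 7.1.1, not in a listed range
    "siem-lab-01": "6.7.8",    # upper bound of 6.7.0-6.7.8, still affected
    "siem-lab-02": "6.3.9",    # below every listed range
}

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: {SAMPLE_INVENTORY[host]} is in an affected range")
```

Versions the article does not list (e.g. 7.1.2 or 6.3.x) are reported as not affected here only because they are outside the quoted ranges; confirm against Fortinet's own advisory before treating them as safe.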
