Fortinet warns of critical command injection bug in FortiSIEM
November 16, 2023 at 10:22AM Fortinet has warned customers about a critical OS command injection vulnerability in its FortiSIEM report server. The flaw can be exploited by remote, unauthenticated attackers to execute unauthorized commands through specially crafted API requests. The vulnerability, tracked as CVE-2023-36553, is a variant of a previous vulnerability (CVE-2023-34992). Fortinet advises affected … Read more