Twin Max-Severity Bugs Open Fortinet’s SIEM to Code Execution

February 6, 2024 at 03:09PM Two critical command injection vulnerabilities (CVE-2024-23108 and CVE-2024-23109) in Fortinet’s FortiSIEM product have provisional CVSS scores of 10. These flaws impact multiple versions of FortiSIEM, potentially allowing threat actors to execute unauthorized code. The link provided by Fortinet leads to a write-up on a prior vulnerability, hinting at a potential … Read more