Fortinet reports new max-severity issues in FortiSIEM in error, but the underlying bug exists
Take action: The new CVEs are duplicates of an older one, but it is still time to patch your FortiSIEM for that older vulnerability, especially if the appliance is reachable from the internet. If a patch for your version is not available yet, cut off its internet exposure ASAP.
Update: It appears that CVE-2024-23108 and CVE-2024-23109 were duplicates of the previously known CVE-2023-34992. Fortinet published them in error, attributed the mistake to a system glitch, and clarified that no new vulnerability exists. MITRE and other sources are expected to revoke the erroneous CVE entries.
Fortinet's FortiSIEM, a security information and event management (SIEM) product, is facing two critical vulnerabilities, tracked as CVE-2024-23108 and CVE-2024-23109. Both have been assigned the maximum CVSS score of 10.0. The essence of these vulnerabilities is improper neutralization of special elements used in an OS command (CWE-78), potentially allowing an unauthenticated attacker to execute arbitrary commands on the appliance via crafted API requests.
The affected versions span a considerable range of FortiSIEM releases:
Fortinet has urged customers to upgrade their platforms:
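As an added illustration of the CWE-78 pattern the advisory names (this is constructed example code, not FortiSIEM's code, which is not public; the "lookup" handler, the `host` parameter and the use of `printf` as the spawned command are assumptions chosen for the demonstration), here is an API handler that builds a shell command from a request parameter, beside two progressively hardened forms:

```python
import re
import subprocess

# Constructed example: an API handler that "looks up" a host supplied in a
# request. Neither the handler nor the command is FortiSIEM's; they only
# stand in for the CWE-78 pattern the advisory describes.


def run_vulnerable(host: str) -> str:
    """CWE-78: the untrusted value is interpolated into a shell command string.

    shell=True hands the whole string to /bin/sh, so shell metacharacters in
    `host` (";", "|", "$(...)", backticks) are executed as commands.
    """
    cmd = f"printf 'lookup %s\\n' {host}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def run_argv_unvalidated(host: str) -> str:
    """First fix: pass an argv list, so no shell parses the value.

    The attacker's payload now arrives as a single, inert argument. This
    stops command injection but still allows argument injection (a value
    beginning with "-" may be parsed as an option by the target program).
    """
    out = subprocess.run(["printf", "lookup %s\n", host],
                         capture_output=True, text=True)
    return out.stdout


# Allow-list for a hostname: letters, digits, dots and hyphens, no leading
# hyphen (so the value can never be read as an option), bounded length.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")


def is_safe_hostname(host: str) -> bool:
    """True only if `host` matches the allow-list above."""
    return HOSTNAME_RE.fullmatch(host) is not None


def run_hardened(host: str) -> str:
    """Hardened form: allow-list validation plus argv (no shell)."""
    if not is_safe_hostname(host):
        raise ValueError(f"rejected hostname: {host!r}")
    out = subprocess.run(["printf", "lookup %s\n", host],
                         capture_output=True, text=True, check=True)
    return out.stdout


if __name__ == "__main__":
    payload = "example.com; echo INJECTED"   # constructed injection payload
    print("vulnerable:", repr(run_vulnerable(payload)))        # second command runs
    print("argv only :", repr(run_argv_unvalidated(payload)))  # payload is inert text
    print("hardened  :", repr(run_hardened("example.com")))
    try:
        run_hardened(payload)
    except ValueError as e:
        print("hardened  :", e)
```

Run on the constructed payload, the vulnerable handler prints a second line produced by the injected `echo`, the argv-only version prints the payload back as literal text, and the hardened version refuses it before anything is spawned. The ordering matters for a triage checklist: switching to argv removes the shell, and the allow-list removes the remaining argument-injection surface.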
These vulnerabilities are similar to CVE-2023-34992, identified in October, suggesting a recurring pattern in the security challenges faced by FortiSIEM. Although no public exploit has been disclosed yet, the maximum severity and the appliance's role as a central log collector make it urgent for administrators to apply the available updates and to keep the management interface off the internet until they do.