Fortinet warns of critical command injection bug in FortiSIEM

Fortinet is alerting customers to a critical OS command injection vulnerability in the FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests.

FortiSIEM (Security Information and Event Management) is a comprehensive cybersecurity solution that provides organizations with enhanced visibility and granular control over their security posture.

It is used in businesses of all sizes in the healthcare, financial, retail, e-commerce, government, and public sectors.

Variant of another OS command injection

Now tracked as CVE-2023-36553, the flaw was discovered earlier this week by Fortinet’s product security team, which assigned it a critical severity score of 9.3. However, the U.S. National Institute of Standards and Technology (NIST) calculated a severity score of 9.8.

The researchers say that CVE-2023-36553 is a variant of another critical-severity security issue, identified as CVE-2023-34992, that was fixed in early October.

Improper neutralization issues arise when software fails to sanitize input, such as special characters or control elements, before it is passed through an accepted OS command delivered to an interpreter.

In this case, the program takes API requests and passes them to the OS as a command to be executed, leading to dangerous scenarios such as unauthorized data access, modification, or deletion.
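To make the bug class concrete, the following added example (not Fortinet's code and not part of the original article) contrasts a command line built by string concatenation with an allowlisted value passed as a single argument without a shell. The `report-helper` command, the report-name field, and the allowlist rule are hypothetical, and the sample input is constructed.

```python
import re
import shlex
import subprocess
import sys

# Hypothetical rule: report names are short and limited to these characters.
SAFE_NAME = re.compile(r"[A-Za-z0-9_.-]{1,64}")

# Stand-in for a real helper binary: a child process that echoes its argument.
HELPER = [sys.executable, "-c", "import sys; print(sys.argv[1])"]


def naive_command(name: str) -> str:
    """Vulnerable pattern: an API field concatenated into a shell command line."""
    return "report-helper --name " + name


def shell_tokens(command: str) -> list:
    """Tokenize roughly as a POSIX shell would, keeping operators such as ';'."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def pass_as_argv(value: str) -> str:
    """No shell involved: the whole value reaches the child as one argument."""
    result = subprocess.run(HELPER + [value], capture_output=True,
                            text=True, check=True, timeout=10)
    return result.stdout.strip()


def run_helper(name: str) -> str:
    """Hardened pattern: allowlist the field, then use an argv list, no shell."""
    if not SAFE_NAME.fullmatch(name) or name.startswith("-"):
        raise ValueError("rejected report name")
    return pass_as_argv(name)


if __name__ == "__main__":
    crafted = "q3; echo injected"  # constructed sample input
    # The shell would see a separator and a second command in the naive string.
    print(shell_tokens(naive_command(crafted)))
    # As an argv element the same bytes are inert data.
    print(pass_as_argv(crafted))
    print(run_helper("q3-report.pdf"))
```

The allowlist and the argv form are independent layers: the first rejects unexpected input early, and the second ensures that anything that does get through is never interpreted by a shell.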

Affected versions include FortiSIEM releases from 4.7 through 5.4. Fortinet urges system administrators to upgrade to versions 6.4.3, 6.5.2, 6.6.4, 6.7.6, 7.0.1, or 7.1.0 and later.

Attractive targets

Fortinet products include firewalls, endpoint security, and intrusion detection systems. These are often targeted by sophisticated, state-backed hacking groups seeking access to an organization’s network.

In 2023, various cybersecurity reports confirmed that bugs in Fortinet products were being exploited by Iranian hackers to attack U.S. aeronautical firms and by Chinese cyber-espionage clusters [1, 2].

Additionally, there have been cases where hackers exploited zero-day vulnerabilities in Fortinet products to breach government networks, discovered after painstakingly reverse-engineering specific FortiGate OS components.
