FortiSIEM Injection Flaw Let Attackers Execute Malicious Commands

OS repeat injection is a security vulnerability the set an attacker exploits tainted user enter validation to inject malicious instructions into an working plot. This could perhaps lead to:-

• Unauthorized access
• Data breaches
• Machine compromise

FortiSIEM is a security recordsdata and tournament administration (SIEM) resolution developed by Fortinet. It presents actual-time evaluation of security alerts generated by community hardware and applications, helping organizations detect and answer to security threats effectively.

Cybersecurity researchers at Fortinet Product Security Incident Response Crew (PSIRT) not too prolonged within the past identified a FortiSIEM injection flaw that lets attackers carry out malicious instructions and has been tracked as “CVE-2023-36553.”

Flaw profile

• CVE ID: CVE-2023-36553
• Affect: Build unauthorized code or instructions
• Summary: An tainted neutralization of particular sides weak in an OS Expose vulnerability [CWE-78] within the FortiSIEM fable server might perhaps perhaps fair enable a remote unauthenticated attacker to withhold out unauthorized instructions via crafted API requests.
• IR Quantity: FG-IR-23-135
• Severity: Serious
• CVSSv3 Rating: 9.3
• Date: Nov 14, 2023

Furthermore, this serious FortiSIEM injection vulnerability (CVE-2023-36553) used to be identified as a variant of CVE-2023-34992, one other serious flaw that used to be already mounted in October of this 365 days.

Wicked enter sanitization enables OS repeat execution, posing risks of:-

• Unauthorized recordsdata access
• Modification via API requests
• Deletion via API requests

Affected Merchandise

Right here below we have mentioned the full products which might perhaps perhaps be affected:-

• FortiSIEM 5.4 all variations
• FortiSIEM 5.3 all variations
• FortiSIEM 5.2 all variations
• FortiSIEM 5.1 all variations
• FortiSIEM 5.0 all variations
• FortiSIEM 4.10 all variations
• FortiSIEM 4.9 all variations
• FortiSIEM 4.7 all variations

Solutions

Right here below, we have mentioned the full options:-

• Please give a enhance to to FortiSIEM model 7.1.0 or above
• Please give a enhance to to FortiSIEM model 7.0.1 or above
• Please give a enhance to to FortiSIEM model 6.7.6 or above
• Please give a enhance to to FortiSIEM model 6.6.4 or above
• Please give a enhance to to FortiSIEM model 6.5.2 or above
• Please give a enhance to to FortiSIEM model 6.4.3 or above

Hackers actively target Fortinet products due to the their huge utilize in cybersecurity, which makes them profitable for hackers looking out for to utilize vulnerabilities on a effectively-organized scale.

Furthermore, a success breaches of Fortinet devices present hackers access to private networks and irritating recordsdata, offering indispensable rewards for risk actors.