Two critical vulnerabilities in Fortinet’s FortiSIEM product have been assigned provisional CVSS scores of 10. However, details on the bugs remain scarce.
What is known is that the vulnerabilities, tracked as CVE-2024-23108 and CVE-2024-23109, are command injection flaws that could potentially allow threat actors to use crafted API requests to execute unauthorized code.
FortiSIEM is Fortinet’s Security Information and Event Management (SIEM) platform, used to enable enterprise cybersecurity operations centers.
FortiSIEM versions affected by the flaws include version 7.1.0 to 7.1.1; 7.0.0 to 7.0.2; 6.7.0 to 6.7.8; 6.6.0 to 6.6.3; 6.5.0 to 6.5.2; and 6.4.0 to 6.4.2, according to CVE entries.
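A defender's first step with an advisory like this is to check an inventory of FortiSIEM appliances against the affected version ranges. The script below is an added example, not code from Fortinet or from the article; it encodes only the inclusive ranges listed above and treats anything outside them as "not listed" rather than "fixed", since the page states no patched versions. The hostnames and version strings in the inventory are constructed sample data.

```python
"""Flag FortiSIEM versions that fall inside the affected ranges the article
lists for CVE-2024-23108 / CVE-2024-23109 (added example, not vendor code)."""

from typing import List, Tuple

Version = Tuple[int, int, int]

# Inclusive affected ranges as reported in the CVE entries (taken from the article).
AFFECTED_RANGES: List[Tuple[str, str]] = [
    ("7.1.0", "7.1.1"),
    ("7.0.0", "7.0.2"),
    ("6.7.0", "6.7.8"),
    ("6.6.0", "6.6.3"),
    ("6.5.0", "6.5.2"),
    ("6.4.0", "6.4.2"),
]

# Constructed inventory: "hostname,version" per line.
INVENTORY = """\
siem-prod-01,7.1.1
siem-prod-02,7.0.3
siem-lab-01,6.7.8
siem-lab-02,6.4.3
siem-dr-01,7.2.0
"""


def parse_version(text: str) -> Version:
    """Turn '6.7.8' into (6, 7, 8); pad short forms such as '7.1' to three
    components so tuple comparison is well defined. A build suffix after '-'
    is ignored; anything non-numeric raises ValueError."""
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts) or len(parts) > 3:
        raise ValueError(f"unparseable version: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def is_affected(version: str) -> bool:
    """True if the version falls inside any listed inclusive range.
    False means 'not in a listed range', not 'known fixed'."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def triage(inventory: str) -> List[Tuple[str, str, bool]]:
    """Parse 'host,version' lines and return (host, version, affected) rows."""
    rows: List[Tuple[str, str, bool]] = []
    for line in inventory.splitlines():
        if not line.strip():
            continue
        host, ver = line.split(",", 1)
        rows.append((host.strip(), ver.strip(), is_affected(ver)))
    return rows


if __name__ == "__main__":
    for host, ver, hit in triage(INVENTORY):
        print(f"{host:14} {ver:8} {'AFFECTED' if hit else 'not listed'}")
```

Because the ranges are inclusive on both ends, a host on 7.1.1 or 6.7.8 is flagged while 7.0.3 or 6.4.3 is not; whether those unlisted builds are actually patched has to come from Fortinet's advisory, not from this check.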
The link Fortinet provides for information on the flaws leads to an article about a different FortiSIEM vulnerability from October 2023, suggesting there may be a connection between that bug and these new findings. The earlier defect was assigned a CVSS score of 9.7.
Dark Reading asked Fortinet for further details but has not yet received a response.