FortiSIEM Injection Flaw Let Attackers Execute Malicious Commands
OS command injection is a security vulnerability where an attacker exploits improper user input validation to inject malicious commands into an operating system. This can lead to:-
Unauthorized access
Data breaches
System compromise
FortiSIEM is a security information and event management (SIEM) solution developed by Fortinet. It provides real-time analysis of security alerts generated by network hardware and applications, helping organizations detect and respond to security threats efficiently.
Cybersecurity researchers at Fortinet Product Security Incident Response Team (PSIRT) recently identified a FortiSIEM injection flaw that lets attackers execute malicious commands and has been tracked as “CVE-2023-36553.”
Flaw profile
CVE ID: CVE-2023-36553
Impact: Execute unauthorized code or commands
Summary: An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in the FortiSIEM report server may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API requests.
IR Number: FG-IR-23-135
Severity: Critical
CVSSv3 Score: 9.3
Date: Nov 14, 2023
Moreover, this critical FortiSIEM injection vulnerability (CVE-2023-36553) was identified as a variant of CVE-2023-34992, another critical flaw that was already fixed in October of this year.
Improper input sanitization allows OS command execution, posing risks of:-
Unauthorized data access
Modification through API requests
Deletion through API requests
Affected Products
Here below we have mentioned all the products that are affected:-
FortiSIEM 5.4 all versions
FortiSIEM 5.3 all versions
FortiSIEM 5.2 all versions
FortiSIEM 5.1 all versions
FortiSIEM 5.0 all versions
FortiSIEM 4.10 all versions
FortiSIEM 4.9 all versions
FortiSIEM 4.7 all versions
Solutions
Here below, we have mentioned all the solutions:-
Please upgrade to FortiSIEM version 7.1.0 or above
Please upgrade to FortiSIEM version 7.0.1 or above
Please upgrade to FortiSIEM version 6.7.6 or above
Please upgrade to FortiSIEM version 6.6.4 or above
Please upgrade to FortiSIEM version 6.5.2 or above
Please upgrade to FortiSIEM version 6.4.3 or above
Hackers actively target Fortinet products due to their wide use in cybersecurity, which makes them lucrative for hackers seeking to exploit vulnerabilities on a large scale.
Furthermore, successful breaches of Fortinet devices provide hackers access to private networks and important data, offering significant rewards for threat actors.
Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.
The post FortiSIEM Injection Flaw Let Attackers Execute Malicious Commands appeared first on Cyber Security News.
Cyber Security News