New Fortinet FortiSIEM flaws evading patches for older RCE reported

8 February 2024

Fortinet has reported that its FortiSIEM solution is impacted by two new vulnerabilities that circumvent fixes issued for a critical remote code execution flaw, tracked as CVE-2023-34992, after mistakenly disclosing the newly identified issues as duplicates of the older bug, according to BleepingComputer. Both new vulnerabilities, tracked as CVE-2024-23108 and CVE-2024-23109, are variants of the original bug and could all be exploited to facilitate unauthorized command execution through crafted API requests, said Fortinet.

Source: SC Magazine

Date:

8 February 2024

Categorie(s):

NEWS

Tag(s):

Fortinet, IT, New, News, Vulnerability Management

20 Best Linux Password Managers in 202428 April 2024
Reliable Web App Pattern: Now Optimizes Azure Migration with Enhanced Infrastructure and Security28 April 2024
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks28 April 2024
Good Security Is About Iteration, Not Perfection.28 April 2024
Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 202428 April 2024