Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A critical OS command injection flaw affects Fortinet FortiSIEM

Fortinet warns of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited to execute arbitrary commands. Fortinet is warning customers of a critical OS command injection vulnerability, tracked as CVE-2023-36553 (CVSS score 9.3), in FortiSIEM report server. A remote, unauthenticated attacker can exploit the flaw to execute commands by sending […]

fortinet FortiBleed

Fortinet warns of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited to execute arbitrary commands.

Fortinet is warning customers of a critical OS command injection vulnerability, tracked as CVE-2023-36553 (CVSS score 9.3), in FortiSIEM report server. A remote, unauthenticated attacker can exploit the flaw to execute commands by sending specially crafted API requests.

“An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiSIEM report server may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API requests.” reads the advisory published by the vendor. “This vulnerability was internally discovered as a variant of FG-IR-23-130.”

FortiSIEM is the security information and event management (SIEM) solution provided by Fortinet. FortiSIEM collects, aggregates, and correlates log data from various sources across the network

The vulnerability was discovered by Adham El karn of the Fortinet Product Security team.

The flaw affects Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2.

This vulnerability was internally discovered as a variant of another issue tracked as CVE-2023-34992, which was also an improper neutralization of special elements used in an os command (‘os command injection’) in FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2.

The security firm addressed the vulnerability in early October.

It’s not clear if the vulnerability is actively exploited in attacks in the wild.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Fortinet)