Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

Published: 23/11/2024   Category: security




Corporate admins should immediately patch the max-severity CVE-2024-23108, which allows unauthenticated command injection.



A proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiSIEM product has emerged, paving the way for broad exploitation.
The vulnerability, tracked under CVE-2024-23108, was disclosed and patched in February, along with a related bug, CVE-2024-23109. Both carry max-severity scores of 10 on the CVSS scale, and are unauthenticated command injection flaws that could potentially let threat actors use crafted API requests for remote code execution (RCE).
According to researchers at Horizon3.ai, the exploit, which they dubbed NodeZero, allows users to blindly execute commands as root on vulnerable FortiSIEM appliances. In their PoC, they used the exploit to load a remote-access tool for post-exploitation activities.
FortiSIEM is Fortinet's security information and event management (SIEM) platform, used for enabling enterprise cybersecurity operations centers. As such, a compromise could offer a significant beachhead for launching further incursions into corporate environments.
FortiSIEM versions impacted by the flaws include version 7.1.0 through 7.1.1; 7.0.0 through 7.0.2; 6.7.0 through 6.7.8; 6.6.0 through 6.6.3; 6.5.0 through 6.5.2; and 6.4.0 through 6.4.2. Users should patch immediately to avoid compromise.
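To triage an appliance inventory against the affected ranges listed above, here is an added example (not from the original article, Fortinet or Horizon3.ai). The `host,version` inventory format, the host names and the function names are assumptions constructed for illustration.

```python
import re

# Affected ranges exactly as listed in the article (inclusive on both ends).
AFFECTED_RANGES = [
    ((7, 1, 0), (7, 1, 1)), ((7, 0, 0), (7, 0, 2)),
    ((6, 7, 0), (6, 7, 8)), ((6, 6, 0), (6, 6, 3)),
    ((6, 5, 0), (6, 5, 2)), ((6, 4, 0), (6, 4, 2)),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return (major, minor, patch) from e.g. 'v7.1.1' or '6.7.8 build 1642'; None if absent."""
    m = _VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def is_affected(version_text):
    """True/False for a parsable version, None when no version can be parsed."""
    v = parse_version(version_text)
    if v is None:
        return None
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)

def triage(inventory_lines):
    """Sort 'host,version' lines into affected / not_listed / unknown buckets."""
    result = {"affected": [], "not_listed": [], "unknown": []}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and comment/header lines
        host, _, version = line.partition(",")
        verdict = is_affected(version)
        key = "unknown" if verdict is None else ("affected" if verdict else "not_listed")
        result[key].append(host.strip())
    return result

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = """\
# host,version
siem-hq,7.1.1
siem-dr,FortiSIEM v6.7.8 build 1642
siem-lab,7.1.2
siem-old,6.4.3
siem-branch,unknown
"""

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY.splitlines()).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts in the `not_listed` bucket are only outside the ranges the article names, and hosts in `unknown` need their version confirmed manually before they are ruled out.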
