CVE-2023-36553: Critical OS Command Injection Vulnerability in FortiSIEM

Share :

On November 14, 2023, FortiGuard published an advisory disclosing that a critical command injection vulnerability (CVE-2023-36553) had been patched in the latest updates for FortiSIEM. The vulnerability was rated with a Common Vulnerability Scoring System (CVSS) score of 9.3, as it can be exploited remotely by an unauthenticated threat actor using crafted API requests to execute unauthorized commands. This vulnerability is caused by improper neutralization of special elements in FortiSIEM report server. 

Fortinet products present an appealing target for threat actors because of the extensive network access attainable upon system compromise, as evidenced by the numerous Fortinet vulnerabilities listed in CISA’s Known Exploited Vulnerabilities Catalog. Furthermore, their widespread use in enterprise networks worldwide provides threat actors with opportunities to target organizations across various industries. 

Recommendation for CVE-2023-36553

Upgrade FortiSIEM to Fixed Version  

Arctic Wolf strongly recommends upgrading to the latest fixed versions of FortiSIEM.  

Product  Affected Versions  Fixed versions 

 

Fortinet FortiSIEM 
  • 5.4 all versions 
  • 5.3 all versions 
  • 5.2 all versions 
  • 5.1 all versions 
  • 5.0 all versions 
  • 4.10 all versions 
  • 4.9 all versions 
  • 4.8 all versions 
  • 7.1.0 or above 
  • 7.0.1 or above 
  • 6.7.6 or above 
  • 6.6.4 or above 
  • 6.5.2 or above 
  • 6.4.3 or above 

 

Please follow your organizations patching and testing guidelines to avoid operational impact. 

References 

  1. FortiGuard Advisory 
Andres Ramos

Andres Ramos

Andres Ramos is a Threat Intelligence Researcher at Arctic Wolf with a strong background in tracking emerging threats and producing actionable intelligence for both technical and non-technical stakeholders. He has a diverse background encompassing various domains of cyber security, holds a degree in Cybersecurity Engineering, and is a CISSP.
Share :
Table of Contents
Categories
Subscribe to our Monthly Newsletter