CRITICAL🇵🇱 Wersja polska

CVE-2024-23109

CVSS 10.0v3.1pub. 2024-02-05upd. 2026-01-14

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet allows attacker to execute unauthorized code or commands via via crafted API requests.

🤖 AI Analysis
How it works

The vulnerability results from improper neutralization of special characters in data passed to operating system commands (CWE-78). An attacker can send specially crafted API requests to the vulnerable FortiSIEM system, which contain malicious elements that are subsequently interpreted as system commands. The lack of authentication requirement and network attack vector allow the exploit to be carried out by anyone with access to the product's API interface.

Impact

An attacker can execute unauthorized code or system commands on the server, which in practice means complete takeover of the device, potential breach of data confidentiality and integrity, and service unavailability.

Mitigation & patch

Apply patches available from the vendor in accordance with references published by Fortinet at https://fortiguard.com/psirt/FG-IR-23-130. Until the update is deployed, it is recommended to restrict access to the FortiSIEM API interface only to trusted IP addresses.

Who is affected

Fortinet FortiSIEM — versions indicated in vendor references (https://fortiguard.com/psirt/FG-IR-23-130)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Fortinet Fortisiem

    APP
    Fortinet
    7.1.07.1.16.6.0 – 6.6.36.4.0 – 6.4.27.0.0 – 7.0.26.7.0 – 6.7.86.5.0 – 6.5.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2025-64155CRITICAL9.8PL ✓ten sam produkt

Command injection w Fortinet FortiSIEM — RCE przez TCP

CVE-2025-25256CRITICAL9.8PL ✓ten sam produkt

Krytyczny pre-auth command injection w Fortinet FortiSIEM (RCE)

CVE-2023-40714CRITICAL9.9PL ✓ten sam produkt

Path Traversal w Fortinet FortiSIEM umożliwiający eskalację uprawnień

CVE-2024-23108CRITICAL10.0PL ✓ten sam produkt

Command injection w Fortinet FortiSIEM — nieautoryzowane wykonanie kodu przez API

CVE-2023-36553CRITICAL9.8ten sam produkt

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...