Vulnerabilities

CVE-2023-336553 - FortiSIEM Critical Command Injection Vulnerability

Written by Critical Insight | Nov 20, 2023 7:48:42 PM

This advisory is for organizations that use the FortiSIEM report server as part of their security solution.  If your organization does not use this platform, this notification may be discarded.

Summary

Fortinet has released updates to address a Remote Code Execution vulnerability in their FortiSIEM Report Server.  The vulnerability could allow an unauthenticated, remote attacker to pass arbitrary commands to the OS for execution.

CVE-2023-36553–  FortiSIEM critical command injection vulnerability

               CVSSv3: 9.3

Affected Products/Versions

  • FortiSIEM 5.4 all versions
  • FortiSIEM 5.3 all versions
  • FortiSIEM 5.2 all versions
  • FortiSIEM 5.1 all versions
  • FortiSIEM 5.0 all versions
  • FortiSIEM 4.10 all versions
  • FortiSIEM 4.9 all versions
  • FortiSIEM 4.7 all versions

 

Mitigations

Please upgrade to FortiSIEM version 7.1.0 or above

Please upgrade to FortiSIEM version 7.0.1 or above

Please upgrade to FortiSIEM version 6.7.6 or above

Please upgrade to FortiSIEM version 6.6.4 or above

Please upgrade to FortiSIEM version 6.5.2 or above

Please upgrade to FortiSIEM version 6.4.3 or above

 

Additional Resources

https://www.fortiguard.com/psirt/FG-IR-23-135

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-command-injection-bug-in-fortisiem/amp/