Fortinet FortiSIEM
cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*
- 7.4.0
- 7.3.0
- 7.3.1
- 7.3.2
- 7.3.3
- 7.3.4
- 7.1.0
- 7.1.1
- 7.1.2
- 7.1.3
- 7.1.4
- 7.1.5
- 7.1.6
- 7.1.7
- 7.1.8
- 7.0.0
- 7.0.1
- 7.0.2
- 7.0.3
- 7.0.4
- 6.7.0
- 6.7.1
- 6.7.2
- 6.7.3
- 6.7.4
- 6.7.5
- 6.7.6
- 6.7.7
- 6.7.8
- 6.7.9
- 6.7.10
A command injection vulnerability has been identified in Fortinet FortiSIEM versions 7.4.0, 7.3.0 through 7.3.4, 7.1.0 through 7.1.8, 7.0.0 through 7.0.4, and 6.7.0 through 6.7.10. This vulnerability allows an unauthenticated attacker to execute unauthorized code or commands by sending crafted TCP requests. The issue arises from improper handling of special elements in OS commands, creating an opportunity for command injection exploitation.
Exploitation of this vulnerability allows for unauthorized code execution on the affected system.
To reproduce this vulnerability, send a crafted TCP request to the FortiSIEM server. The request must be designed to exploit the OS command injection flaw by injecting malicious commands or code into the TCP payload. Once the crafted request is received, the injected commands will be executed on the server, leading to unauthorized code execution.
Users can upgrade Fortinet FortiSIEM to version 7.4.1 or above, 7.3.5 or above, 7.2.7 or above, or 7.1.9 or above, depending on their current version. For FortiSIEM 7.0 and 6.7, users should migrate to a fixed release.
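A version check for the affected and fixed releases listed in this record (an added example, not Fortinet's tooling; the range tables are transcribed from this page and the function names are mine). Versions in the 7.0 and 6.7 branches, which have no fixed release, are reported as needing migration.

```python
# Added example (not from the advisory): check whether a FortiSIEM version string
# falls in the affected ranges listed above and which fixed release applies.
# Version data is transcribed from this record; function and variable names are mine.

import re

# (lower, upper) inclusive bounds for the affected ranges, as listed in the record.
AFFECTED_RANGES = [
    ((7, 4, 0), (7, 4, 0)),
    ((7, 3, 0), (7, 3, 4)),
    ((7, 1, 0), (7, 1, 8)),
    ((7, 0, 0), (7, 0, 4)),
    ((6, 7, 0), (6, 7, 10)),
]

# First fixed release per branch, as stated in the remediation text.
# Branches 7.0 and 6.7 have no fixed release: the advice is to migrate.
FIXED_BY_BRANCH = {
    (7, 4): (7, 4, 1),
    (7, 3): (7, 3, 5),
    (7, 2): (7, 2, 7),
    (7, 1): (7, 1, 9),
}


def parse_version(text):
    """Parse 'major.minor.patch' (any build suffix is ignored) into an int tuple."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised FortiSIEM version: {text!r}")
    return tuple(int(p) for p in m.groups())


def is_affected(version):
    """True if the version lies inside any affected range (bounds inclusive)."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def remediation(version):
    """Upgrade advice for an affected version, or None if it is not listed as affected."""
    v = parse_version(version)
    if not is_affected(version):
        return None
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is None:
        return "migrate to a fixed release (no patched build in this branch)"
    return "upgrade to %d.%d.%d or later" % fixed


if __name__ == "__main__":
    for sample in ("7.3.2", "7.1.9", "6.7.10", "7.2.3"):  # constructed inputs
        print(sample, "affected" if is_affected(sample) else "not listed", remediation(sample))
```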