Security News > 2024 > February > Fortinet snafu: Critical FortiSIEM CVEs are duplicates, issued in error

Fortinet snafu: Critical FortiSIEM CVEs are duplicates, issued in error
2024-02-07 13:29

NVD published two advisories this week for critical command injection vulnerabilities purportedly impacting Fortinet's FortiSIEM products, but there's more to what meets the eye.

BleepingComputer has confirmed that these CVEs are not "New," but duplicates of a previously known FortiSIEM vulnerability and were issued in error.

Fortinet: 'No new vulnerability' in FortiSIEM in 2024.

Confusingly enough, Fortinet's advisory associated with these CVEs bears a publication date of "Oct 10, 2023"-not yesterdaty's, and additionally lists a previously known CVE-2023-34992, also a critical FortiSIEM OS command injection flaw.

"In this instance, due to an issue with the API which we are currently investigating, rather than an edit, this resulted in two new CVEs being created, duplicates of the original CVE-2023-34992. There is no new vulnerability published for FortiSIEM so far in 2024, this is a system level error and we are working to rectify and withdraw the erroneous entries."

Last year, various cybersecurity reports confirmed bugs in Fortinet products being exploited by Iranian hackers to attack U.S. aeronautical firms and Chinese cyber-espionage clusters [1, 2]. Additionally, there have been cases where hackers exploited zero-day vulnerabilities in Fortinet products to breach government networks, discovered after painstakingly reverse-engineering specific FortiGate OS components.


News URL

https://www.bleepingcomputer.com/news/security/fortinet-snafu-critical-fortisiem-cves-are-duplicates-issued-in-error/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-34992 OS Command Injection vulnerability in Fortinet Fortisiem
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via crafted API requests.
network
low complexity
fortinet CWE-78
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 76 15 312 265 80 672