Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Admins should get a move on while info is scarce and exploits aren't yet available
Fortinet's FortiSIEM product is vulnerable to two new maximum-severity security vulnerabilities that allow for remote code execution. Both CVE-2024-23108 and CVE-2024-23109 have been assigned provisional scores of 10 on the CVSS scale, suggesting exploits can be carried out remotely by unauthenticated attackers, are low in complexity, and require no user interaction to pull off. In registering the CVE identities for the vulnerabilities, Fortinet linked to its own advisory to provide more informa...