CVE-2024-23109
CRITICAL EXPLOITED RANSOMWARE
FortiSIEM - OS Command Injection via Crafted API Requests
Title source: llm
Exploitation Summary
CVE-2024-23109 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.
Description
An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSIEM allows an attacker to execute unauthorized code or commands via crafted API requests.
References (1)
Core References
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-23-130
Scores
CVSS v3
10.0
EPSS
0.0696
EPSS Percentile
91.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2025-02-25
Ransomware Use
Confirmed
CWE
CWE-78
Status
published
Products (3)
fortinet/fortisiem
7.1.0
fortinet/fortisiem
7.1.1
fortinet/fortisiem
6.4.0 - 6.4.2
Published
Feb 05, 2024
Tracked Since
Feb 18, 2026