A Vulnerability in Fortinet FortiSIEM Could Allow for Remote Code Execution | allinfosecnews.com

Nov. 17, 2023, 12:06 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in Fortinet FortiSIEM, which could allow for remote code execution. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than …

account attacker code code execution context exploitation fortinet fortisiem install privileges remote code remote code execution service service account vulnerability

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution 5 days, 4 hours ago | www.cisecurity.org

apple arbitrary code code code execution +5

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 1 week, 5 days ago | www.cisecurity.org

access arbitrary code browser code +16

A Vulnerability in Fortinet FortiSIEM Could Allow for Remote Code Execution 2 weeks, 5 days ago | www.cisecurity.org

account attacker code code execution +11

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 3 weeks, 1 day ago | www.cisecurity.org

acrobat acrobat and reader adobe adobe acrobat +21

Critical Patches Issued for Microsoft Products, November 14, 2023 3 weeks, 1 day ago | www.cisecurity.org

accounts attacker change code +14

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 3 weeks, 2 days ago | www.cisecurity.org

arbitrary code attacker chrome code +8

Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation 4 weeks, 1 day ago | www.cisecurity.org

android devices escalation exploitation +12

A Vulnerability in Atlassian Confluence Server and Data Center Could Allow for Data Destruction 1 month ago | www.cisecurity.org

atlassian atlassian confluence atlassian confluence server attacker +19

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 month ago | www.cisecurity.org

arbitrary code attacker chrome code +7

Security Specialist

@ Protect Democracy | Remote, US

View on infosec-jobs.com

Sr Staff Software Engineer (L7- Network Security)

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

Cyber Threat Analyst, Senior

@ ManTech | 221BQ - Cstmr Site,Springfield,VA

View on infosec-jobs.com

Security Architect

@ Netcompany | Birmingham, United Kingdom

View on infosec-jobs.com

Sr. Security Architect

@ Datavant | Remote, United States

View on infosec-jobs.com

Cybersecurity Services Sales Executive

@ Rockwell Automation | United States of America Milwaukee (South 2nd Street)

View on infosec-jobs.com