all InfoSec news
A Vulnerability in Fortinet FortiSIEM Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
A vulnerability has been discovered in Fortinet FortiSIEM, which could allow for remote code execution. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than …
account attacker code code execution context exploitation fortinet fortisiem install privileges remote code remote code execution service service account vulnerability