A critical unauthenticated, remote code execution vulnerability (CVE-2023-34992) in Fortinet FortiSIEM allows attackers to execute arbitrary commands as the root user, read sensitive information, and pivot within the network. A recent PoC exploit demonstrates the vulnerability found in the LicenseUploadServlet class of the Java-based backend web service, allowing unauthenticated attackers to gain RCE. Fortinet has released patches for affected versions (6
4.0 to 7.1.1) and recommends updating to versions 7.0.3, 7.1.3, or 6.7.9 to mitigate the risk. Users are advised to follow best practices for securing SIEM deployments and monitor for any unusual activity to protect against potential exploitation. ```https://cybersecuritynews.com/rce-vulnerability-fortinet-fortisiem/