Recently, two critical vulnerability advisories have been identified in the Natitonal Vulnerability Database (NVD), which implicate FortiSIEM, Fortinet’s SIEM solution. However, further investigation reveals that these CVEs are not “new”, but rather duplicates of a well-known FortiSIEM vulnerability, issued in error.
These operating system command injection vulnerabilities, listed as CVE-2024-23208 and CVE-2023-34992, addressed a similar critical flaw in FortiSIEM.
The new CVE IDs, CVE-2024-23108 and CVE-2024-23109, were accidentally generated due to a modification in the original advisory. This does not indicate the existence of new vulnerabilities, but rather an error in the information updating process. According to a Fortinet spokesperson, the problem originated from a routine modification that was made to ensure the accuracy of the information. However, due to an error in the information updating process.
According to a Fortinet spokesperson, the problem originated from a routine modification that was made to ensure the accuracy of the information. However, due to a bug in the API, instead of editing the existing advisory, two new CVEs were created, duplicates of the original. This situation highlights the importance of integrity in managing vulnerability information and the need for coordination effective between the parties involved in the disclosure and correction of security problems.
Accordingly, MITER, NVD and other information sources are expected to soon begin revoking advisories CVE-2024-23108 and CVE-2024-23109. For InfoSec/IT teams that have previously addressed CVE-2023-34992, no additional measures are required. It is critical that organizations maintain constant vigilance on security updates and regularly consult official sources to stay aware of the issues. affected products and versions with available fixes.
Fortinet is widely used in enterprise environments to ensure the security of networks and systems, but as this incident demonstrates, even established solutions can be affected by errors in vulnerability management. Cybersecurity remains a priority, and diligent attention to risk management is essential to protecting an organization’s digital assets.