PT-2025-32875 · Fortinet · Fortisiem

Sina Kheirkhah +1 · Published 2025-08-12 · Updated 2025-08-31 · CVE-2025-25256

CVSS v2.0: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

**Name of the Vulnerable Software and Affected Versions:**

Fortinet FortiSIEM versions 5.4.0 through 7.3.1

Fortinet FortiSIEM versions 6.1 through 7.3.1

Fortinet FortiSIEM versions 6.7.9 and earlier

Fortinet FortiSIEM versions 7.0.0 through 7.0.3

Fortinet FortiSIEM versions 7.1.0 through 7.1.7

Fortinet FortiSIEM versions 7.2.0 through 7.2.5

Fortinet FortiSIEM versions 7.3.0 through 7.3.1

**Description:**

Fortinet FortiSIEM contains an OS command injection vulnerability (improper neutralization of special elements used in an OS command). It allows an unauthenticated attacker to execute arbitrary code or commands via crafted CLI requests. Active exploitation of this vulnerability has been confirmed, with exploit code available in the wild. The vulnerability affects the phMonitor port (TCP/7900).

**Recommendations:**

Fortinet FortiSIEM versions 5.4.0 through 7.3.1: Upgrade to version 7.3.2 or later.

Fortinet FortiSIEM versions 6.1 through 7.3.1: Upgrade to version 7.3.2 or later.

Fortinet FortiSIEM versions 6.7.9 and earlier: Upgrade to version 6.7.10 or later.

Fortinet FortiSIEM versions 7.0.0 through 7.0.3: Upgrade to version 7.0.4 or later.

Fortinet FortiSIEM versions 7.1.0 through 7.1.7: Upgrade to version 7.1.8 or later.

Fortinet FortiSIEM versions 7.2.0 through 7.2.5: Upgrade to version 7.2.6 or later.

As a temporary workaround, consider blocking access to the phMonitor port (TCP/7900).
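The upgrade table above can be applied to an asset inventory with a short triage script. This is an added example, not code from Fortinet or from this advisory; the function names, status strings, and sample inventory are constructed for illustration. It assumes the per-branch rows take precedence over the overlapping broad ranges, which are used only as a fallback for branches without their own row.

```python
import re

# Per-branch fixed releases, copied from the Recommendations above.
BRANCH_FIX = {(7, 3): (7, 3, 2), (7, 2): (7, 2, 6), (7, 1): (7, 1, 8),
              (7, 0): (7, 0, 4), (6, 7): (6, 7, 10)}
OK = "not listed as affected"


def parse_version(text):
    """Return (major, minor, patch); accepts '7.1.3', 'v6.7', '7.2.5-build'."""
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?(?:[.\-+]\S*)?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def triage(text):
    """Return (status, minimum_upgrade_target) for one reported version."""
    ver = parse_version(text)
    if ver >= (7, 3, 2):            # newest fixed release named on this page
        return (OK, None)
    fixed = BRANCH_FIX.get(ver[:2])
    if fixed is None:
        # Assumption: branches without their own row fall back to the broad
        # rows ("6.7.9 and earlier", otherwise "5.4.0 through 7.3.1").
        fixed = (6, 7, 10) if ver < (6, 7, 10) else (7, 3, 2)
    if ver >= fixed:
        return (OK, None)
    return ("affected", ".".join(map(str, fixed)))


# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = {"siem-super-01": "7.1.3", "siem-worker-02": "6.7.10",
             "siem-collector-03": "5.4.0", "siem-lab-04": "7.3.2"}

if __name__ == "__main__":
    for host, version in INVENTORY.items():
        status, target = triage(version)
        action = f"upgrade to {target} or later" if target else "no action"
        print(f"{host:18} {version:8} {status:24} {action}")
```

Hosts reported as affected should have TCP/7900 blocked until the upgrade is applied, per the workaround above.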

Exploit · Fix · RCE · OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2025-09821
CVE-2025-25256

Affected Products

Fortisiem