Fortinet Fortisiem

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may
CVE-2025-64155 9.4 - Critical - January 13, 2026

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute unauthorized code or commands via crafted TCP requests.

Shell injection

FortiSIEM XSS Vulnerability CVE-2025-58324 (v7.2.07.2.2, prior)
CVE-2025-58324 6.1 - Medium - October 14, 2025

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSIEM 7.2.0 through 7.2.2, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack via crafted HTTP requests.

XSS

FortiSIEM v7.3.0–7.3.1 RCE via CLI OS Command Injection
CVE-2025-25256 - August 12, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

Shell injection

FortiSIEM 7.0.0 Path Traversal for Privilege Escalation
CVE-2023-40714 8.8 - High - April 02, 2025

A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to escalate privilege via uploading certain GUI elements

Relative Path Traversal

FortiSIEM 5.2.6 HCK allows SSH to tunneluser
CVE-2019-17659 8.1 - High - March 17, 2025

A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user "tunneluser" by leveraging knowledge of the private key from another installation or a firmware image.

Use of Hard-coded Credentials

FortiSIEM All Versions Auth Bypass via HTTP (CWE-863)
CVE-2024-55592 - March 11, 2025

An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions, may allow an authenticated attacker to perform unauthorized operations on incidents via crafted HTTP requests.

AuthZ

FortiSIEM 5.x-6.x Sensitive Info Exposure & Code Exec via API (CVE-2023-40723)
CVE-2023-40723 - March 11, 2025

An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 and 6.3.0 through 6.3.3 and 6.2.0 through 6.2.1 and 6.1.0 through 6.1.2 and 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 allows attacker to execute unauthorized code or commands via api request.

Information Disclosure

FortiSIEM XSS on incident page, v6.77.1 (CWE79)
CVE-2024-27780 5.4 - Medium - February 11, 2025

Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilities [CWE-79] in FortiSIEM 7.1 all versions, 7.0 all versions, 6.7 all versions incident page may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.

XSS

FortiSIEM 5.3-7.1.5 DoS via Unlimited Resource Allocation
CVE-2024-46667 - January 14, 2025

A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections.

Allocation of Resources Without Limits or Throttling

SQL Injection in FortiSIEM <7.1.8 via Update/Create Case
CVE-2024-52969 6.5 - Medium - January 14, 2025

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and below, version 6.5.3 and below, version 6.4.4 and below Update/Create Case feature may allow an authenticated attacker to extract database information via crafted requests.

SQL Injection

Os command injection in FortiSIEM 6.4-7.1 before 7.1.2
CVE-2024-23108 9.7 - Critical - February 05, 2024

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet allows attacker to execute unauthorized code or commands via via crafted API requests.

Shell injection

Fortinet FortiSIEM 6.5-7.1 OS Command Injection via API
CVE-2024-23109 9.7 - Critical - February 05, 2024

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet allows attacker to execute unauthorized code or commands via via crafted API requests.

Shell injection

FortiSIEM <7.0.0 or <=6.7.5 Windows Agent Log Password Exposure (CWE-200)
CVE-2023-41676 6.5 - Medium - November 14, 2023

An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs.

Insufficiently Protected Credentials

FortiSIEM 5.4.0-5.2.1 OS Command Injection via API
CVE-2023-36553 9.3 - Critical - November 14, 2023

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2 allows attacker to execute unauthorized code or commands via crafted API requests.

Shell injection

FortiSIEM 7.0.0: Log File Leak (Encrypted ES Password)
CVE-2023-45585 3.3 - Low - November 14, 2023

An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, version 5.3.3 and below may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage.

FortiSIEM 6.5~7.0 OS Command Injection via API
CVE-2023-34992 9.7 - Critical - October 10, 2023

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet allows attacker to execute unauthorized code or commands via crafted API requests.

Shell injection

FortiSIEM 6.7.0-6.7.5 Sensitive Info Disclosure via HTTP Request
CVE-2023-36551 5.3 - Medium - September 13, 2023

A exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.5 allows attacker to information disclosure via a crafted http request.

FortiSIEM <7.0.0: CWE-307 Brute-Force Authentication Vulnerability
CVE-2022-42478 8.8 - High - June 13, 2023

An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints.

Improper Restriction of Excessive Authentication Attempts

FortiSIEM <6.7.1 Remote BruteForce via Outdated Hashing (CWE-327) GUI endpoints
CVE-2022-43949 7.5 - High - June 13, 2023

A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1 allows a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods.

Use of a Broken or Risky Cryptographic Algorithm

FortiSIEM 5.3-6.7 Plaintext Password Storage (CWE-256)
CVE-2023-26204 9.8 - Critical - June 13, 2023

A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.

Insufficiently Protected Credentials

FortiSIEM < 6.5.0 Improper Auth via Glassfish Hardcoded PW
CVE-2022-26119 7.8 - High - November 02, 2022

A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password.

Use of Hard-coded Credentials

A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could
CVE-2019-17653 8.8 - High - March 12, 2020

A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user's session by persuading the victim to follow a malicious link.

Session Riding

An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM version 5.2.5 and below may
CVE-2019-17651 5.4 - Medium - January 28, 2020

An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM version 5.2.5 and below may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack (XSS) by injecting malicious JavaScript code into the description field of a Device Maintenance schedule.

XSS

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may
CVE-2019-16153 9.8 - Critical - January 23, 2020

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials.

Use of Hard-coded Credentials

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and earlier may
CVE-2019-6700 6.5 - Medium - January 07, 2020

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and earlier may allow an authenticated attacker to retrieve the external authentication password via the HTML source code.

Insufficiently Protected Credentials

An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password
CVE-2018-13378 7.2 - High - April 17, 2019

An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password via the HTML source code.

Information Disclosure