Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild www.bleepingcomputer.com/news/secu…

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates.

FortiSIEM is a central security monitoring and analytics system used for logging, network telemetry, and security incident alerts, serving as an integral part of security operation centers, where it’s an essential tool in the hands of IT ops teams and analysts.

The product is generally used by governments, large enterprises, financial institutions, healthcare providers, and managed security service providers (MSSPs).