Rewterz Threat Advisory – CVE-2024-22349 – SonicWall SonicOS Vulnerability

February 9, 2024

Rewterz Threat Alert – Remcos RAT – Active IOCs

February 9, 2024

Rewterz Threat Advisory – Multiple Fortinet FortiSIEM Vulnerabilities

February 9, 2024

Severity

High

Analysis Summary

CVE-2024-23108, CVE-2024-23109

Fortinet FortiSIEM could allow a remote attacker to execute arbitrary commands on the system, caused by OS command injection. By sending specially crafted API requests, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

Impact

Gain Access

Indicators Of Compromise

CVE

CVE-2024-23108
CVE-2024-23109

Affected Vendors

Fortinet

Affected Products

Fortinet FortiSIEM 6.4
Fortinet FortiSIEM 6.5
Fortinet FortiSIEM 6.6
Fortinet FortiSIEM 6.7.0
Fortinet FortiSIEM 7.0.0

Remediation

Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.

FortiGuard Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CVE-2025-31324 – SAP NetWeaver Vulnerability

APT34 Abuses Port 8080 for Fake 404 Pages and Reuse SSH Keys – Active IOCs

Lazarus APT Executes Multi-Stage Attack via Operation SyncHole – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2024-22349 – SonicWall SonicOS Vulnerability

Rewterz Threat Alert – Remcos RAT – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.