Post #8205

🚨 Fortinet fixed a CVSS 9.4 bug in FortiSIEM that allows unauthenticated code execution. The issue is in the phMonitor service on TCP port 7900. Crafted requests can trigger OS command injection, enabling file writes as admin and escalation to root via a scheduled task. 🔗 Details → https://thehackernews.com/2026/01/fortinet-fixes-critical-fortisiem-flaw.html 🔐 Patch now. Restrict access to port 7900.