CVE-2023-34993
Published: 10 October 2023
Summary
CVE-2023-34993 is a critical-severity OS Command Injection (CWE-78) vulnerability in Fortinet FortiWLM. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 0.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2023-34993 is an OS command injection vulnerability (CWE-78) affecting Fortinet FortiWLM wireless LAN management software in versions 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4. The flaw stems from improper neutralization of special elements in OS commands, enabling remote attackers to inject and execute arbitrary commands through crafted parameters in HTTP GET requests. It carries a CVSS 3.1 base score of 9.8, reflecting network-accessible exploitation with no required authentication or user interaction and full impact on confidentiality, integrity, and availability.
An unauthenticated attacker can send a maliciously constructed HTTP GET request to an exposed FortiWLM instance and achieve arbitrary code execution on the underlying system. This grants the ability to run unauthorized commands, potentially leading to full device compromise, data exfiltration, or use as a foothold for further network attacks.
The vendor advisory FG-IR-23-140, published alongside the CVE, directs administrators to apply the fixes released by Fortinet for the affected FortiWLM branches.
The EPSS score for this vulnerability currently stands at 0.8768 with a recorded peak of 0.9683, indicating sustained high exploitation interest following disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-39031
Vulnerability details
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows an attacker to execute unauthorized code or commands via specifically crafted HTTP GET request parameters.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.