
A critical Remote Code Execution (RCE) vulnerability, identified as CVE-2024-23108, has been discovered in Fortinet's FortiSIEM. Experts have released proof-of-concept (PoC) exploit code for this vulnerability, as covered by Security Affairs, and immediate patching is urged because of its maximum severity. The vulnerability allows for second-order command injection, posing significant risks to affected systems. Additionally, CVE-2023-43208 has been designated as a Known Exploited Vulnerability (KEV) by the Cybersecurity and Infrastructure Security Agency (CISA), emphasizing the need for prompt patching. Horizon3ai had notified its NodeZero users about CVE-2023-43208 nine months ago.
Exploit released for maximum severity Fortinet RCE bug, patch now https://t.co/sY670inV9n
Experts released PoC exploit code for RCE in Fortinet SIEM: https://t.co/7bCc1Crcyv by Security Affairs #infosec #cybersecurity #technology #news
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive – https://t.co/imzHzLxNXB https://t.co/ODDjCtWbb3








