Help
FortiSIEM Discussions
darayun
New Contributor

Created on ‎04-17-2024 08:24 PM

Tuning FortiSIEM Rule: CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect

Dear Respective Team,

 

Do you have any tip or technic for fine tuning the fortiSIEM rules/incident alert related to CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect?

 

https://security.paloaltonetworks.com/CVE-2024-3400

 

Best Regards,

Dara

598
0 Kudos
2 REPLIES 2
FSM_FTNT
Staff
Staff

Created on ‎04-18-2024 03:00 AM

Hi Dara,

 

We have released content update 607 to help detect this, primarily using FortiGate and FortiClient signature detections. Please ensure that you download the latest content and review.

 

https://help.fortinet.com/fsiem/7-1-5/Online-Help/HTML5_Help/content_updates.htm#Content12

551
0 Kudos
darayun
New Contributor

Created on ‎04-18-2024 03:14 AM Edited on ‎04-18-2024 03:16 AM

Dear FMS-FTNT,

 

I well received it, and I thank you so much for your fast response. Now, I am testing the rule.

 

Best Regards,

Dara

542
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.