Fortinet has patched a critical SQL injection vulnerability in its endpoint management software which could enable remote code execution (RCE) on targeted servers. CVE-2023-48788 affects FortiClientEMS 7.2 – versions 7.2.0 to 7.2.2 – and FortiClientEMS 7.0 – versions 7.0.1 to 7.0.10.
Source: Infosecurity