Exploit Released For Critical Fortinet RCE Flaw: Patch Soon!

22 March 2024

FortiClientEMS (Enterprise Management Server), the security solution used for scalable and centralized management, was discovered with an SQL injection vulnerability that could allow an unauthenticated threat actor to execute unauthorized code or command on vulnerable servers through specially crafted requests. This vulnerability exists due to improper neutralization of special elements used in an SQL command. The vulnerability was assigned with CVE-2023-48788 and the severity was given as 9.8 (Critical). However, Fortiguard has acted swiftly upon this vulnerability and has released patches to fix it.

Source: GBHackers

Date:

22 March 2024

Categorie(s):

NEWS

Tag(s):

Critical, Cyber Security News, Flaws, Fortinet, Patch

Understanding emerging AI and data privacy regulations2 May 2024
reNgine: Open-source automated reconnaissance framework for web applications2 May 2024
A million Australian pubgoers wake up to find personal info listed on leak site2 May 2024
Women rising in cybersecurity roles, but roadblocks remain2 May 2024
AI-driven phishing attacks deceive even the most aware users2 May 2024