%20in%20the%20Wild.webp "Hackers Exploiting FortiClient EMS Vulnerability (CVE-2023-48788) in the Wild")
Cybersecurity researchers have uncovered active exploitation of a critical vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS), tracked as CVE-2023-48788.
This flaw, stemming from improper filtering of SQL commands, allows attackers to execute unauthorized code or commands via SQL injection. Despite the availability of patches, threat actors have been leveraging this vulnerability to infiltrate enterprise networks globally.
CVE-2023-48788 affects FortiClient EMS versions 7.0.1 to 7.0.10 and 7.2.0 to 7.2.2, with a critical Common Vulnerability Scoring System (CVSS) score of 9.8.
It enables unauthenticated attackers to exploit the system by sending specially crafted data packets, potentially leading to remote code execution (RCE). The vulnerability was disclosed in March 2024, with patches released in versions 7.0.11 and 7.2.3.
FortiClient EMS serves as a centralized platform for managing endpoint security policies, often exposed to the internet for remote access purposes.
This exposure increases the risk of exploitation, allowing attackers to establish initial access, conduct reconnaissance, and deploy…
