all InfoSec news
Critical Fortinet Flaw Now Actively Exploited
Malware Analysis, News and Indicators - Latest topics malware.news
A previously disclosed, critical flaw in Fortinet’s FortiClient Enterprise Management Server (FortiClientEMS) is now being actively exploited by threat actors, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
On March 12, Fortinet disclosed and issued a patch for the SQL injection flaw (CVE-2023-48788), which exists in FortiClientEMS, its central management solution for endpoints. Last week, Fortinet updated the security advisory to reflect that the flaw has been exploited in the wild, and on Monday, CISA added the flaw …
actively exploited agency cisa critical critical flaw cve cve-2023-48788 cybersecurity enterprise exploited flaw forticlient fortinet infrastructure infrastructure security injection injection flaw management march patch security server solution sql sql injection threat threat actors