New attack campaign involves Fortinet FortiClient vulnerability exploitation

Attacks exploiting a critical SQL injection vulnerability impacting Fortinet FortiClient EMS devices, tracked as CVE-2023-48788, have been launched to facilitate the deployment of the ScreenConnect software and Metasploit Powerfun script as part of a new campaign, The Hacker News reports.

attack attacks campaign critical cve cve-2023-48788 deployment devices exploitation exploiting forticlient forticlient ems fortinet hacker injection metasploit network security reports screenconnect script software sql sql injection sql injection vulnerability the hacker news threat intelligence vulnerability vulnerability exploitation vulnerability management