The US cybersecurity agency, CISA, is warning organizations. This is because attacks are taking place exploiting a recently disclosed vulnerability in the Enterprise Management Server Fortinet FortiClient (EMS)tracked as CVE-2023-48788.
The vulnerability affecting the enterprise endpoint management solution is a critical SQL injection bug. Such that an unauthenticated attacker can exploit to execute arbitrary code or commands using specially crafted requests.
Fortinet disclosed the vulnerability on February 22, announcing that fixes are included in versions 7.0.11, 7.2.3 and later of the FortiClient EMS.
O UK National Cyber āāSecurity Center (NCSC) and a Fortinet employee were credited with discovering CVE-2023-48788.
On March 21, cybersecurity firm Horizon3.ai released technical details of the vulnerability and published a proof-of-concept (PoC) exploit.
CISA added CVE-2023-48788 to its catalog of Known Exploited Vulnerabilities (KEV) on Monday, urging organizations to install fixes or implement mitigators as quickly as possible.
Fortinet updated its advisory to add that the vulnerability āis exploited in natureā.
There does not appear to be information available about attacks leveraging CVE-2023-48788, but Fortinet product vulnerabilities are frequently attacked by state-sponsored threat actors.
Source: Atrevida
Earl Johnson is a music writer at Gossipify, known for his in-depth analysis and unique perspective on the industry. A graduate of USC with a degree in Music, he brings years of experience and passion to his writing. He covers the latest releases and trends, always on the lookout for the next big thing in music.