Security News > 2024 > April > Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
2024-04-17 10:23
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or
News URL
https://thehackernews.com/2024/04/hackers-exploit-fortinet-flaw-deploy.html
Related news
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Fortinet warns of FortiWLM bug giving hackers admin privileges (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2023-48788 | Unspecified vulnerability in Fortinet Forticlient Enterprise Management Server A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. | 9.8 |