Security News > 2024 > December > Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
2024-12-20 06:25
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted
News URL
https://thehackernews.com/2024/12/hackers-exploiting-critical-fortinet.html
Related news
- Kimsuky hackers use new custom RDP Wrapper for remote access (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2023-48788 | Unspecified vulnerability in Fortinet Forticlient Enterprise Management Server A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. | 9.8 |