Attackers Exploit Patched FortiClient EMS Vulnerability
/ 1 min read
🔍 Exploited FortiClient EMS Vulnerability Poses Significant Cybersecurity Threat. Kaspersky’s GERT team reported that attackers exploited a patched vulnerability (CVE-2023-48788) in FortiClient EMS, affecting versions 7.0.1 to 7.0.10 and 7.2.0 to 7.2.2, to gain unauthorized access to a company’s network. The attackers utilized SQL injection techniques to execute commands and deploy remote access tools like ScreenConnect and AnyDesk. Despite the availability of a patch, multiple threat actors successfully targeted the vulnerability, indicating a widespread risk across various regions. Kaspersky emphasizes the importance of timely updates and robust security measures, including endpoint protection and monitoring, to mitigate such threats and prevent potential breaches.
