Experts unveiled a proof-of-concept (PoC) exploit for a severe flaw, identified as CVE-2023-48788 (with a CVSS rating of 9.3), in the FortiClient Enterprise Management Server (EMS). Currently, threat actors are exploiting this flaw in real-world attacks. CVE-2023-48788 represents a critical SQL injection vulnerability within the DAS component. This issue could permit an individual to run unapproved code or commands through specially crafted requests.
You Might Be Interested In
- China Imposes Ban on Intel and AMD Processors
- [Zero-Day] Unpatched Flaws Revealed in Microsoft Exchange
- Strengthening Security Features: Google and Microsoft’s Recent Updates
- Open-Source Organizations Collaborate to Strengthen Digital Supply Chain
- WordPress Plugin Flaw Puts 5 Million Sites at Risk
- Prudential Voluntarily Notifies SEC of Breach Incident