Critical #Fortinet #FortiClientEMS flaw allows remote code execution
https://securityaffairs.com/187787/security/critical-fortinet-forticlientems-flaw-allows-remote-code-execution.html
#securityaffairs #hacking
ahhh… the good old Friday critical vuln that smells like coffee ☕️
🕵️♂️ CVE-2026-21643
According to the entry: SQL Injection (improper neutralization of special elements used in an SQL command) in Fortinet FortiClientEMS 7.4.4
➡️ could allow an unauthenticated attacker to execute code/commands via specially crafted HTTP requests.
"Unauth" RCE on an exposed product, what a surprise… 🙃
all I'm missing is a path traversal in the story to be completely satisfied
may or may not, who knows…
let's wait for the official advisory before bringing out the pitchforks (or the patches).
👇
https://cve.circl.lu/vuln/CVE-2026-21643 👀
#Fortinet: the #FortiClientEMS solution is affected by a critical vulnerability! (patch available…)
Fortinet security advisory quietly updated to state that CVE-2023-48788 (9.8 critical, disclosed 12 March 2024 by Fortinet, Proof of Concept by Horizon3) is being exploited in the wild. 🔗 https://fortiguard.fortinet.com/psirt/FG-IR-24-007
cc: @todb
#CVE_2023_48788 #FortiClientEMS #Fortinet #eitw #activeexploitation #vulnerability
and here we go again for another round of 🩹 FortiOS / FortiProxy / FortiClientEMS
⬇️
https://www.cisa.gov/news-events/alerts/2024/03/12/fortinet-releases-security-updates-multiple-products
CVE-2023-42789
CVE-2023-42790 FortiOS & FortiProxy - Out-of-bounds Write in captive portal (⚠️Critical)
PoC
👇
https://github.com/CrimBit/CVE-2023-42789-POC
Affected Products
FortiOS version 7.4.0 through 7.4.1
FortiOS version 7.2.0 through 7.2.5
FortiOS version 7.0.0 through 7.0.12
FortiOS version 6.4.0 through 6.4.14
FortiOS version 6.2.0 through 6.2.15
FortiProxy version 7.4.0
FortiProxy version 7.2.0 through 7.2.6
FortiProxy version 7.0.0 through 7.0.12
FortiProxy version 2.0.0 through 2.0.13
CVE-2023-48788 FortiClientEMS - Pervasive SQL injection in DAS component (⚠️Critical)
CVE-2023-47534 FortiClientEMS - CSV injection in log download feature
CVE-2024-23112 FortiOS & FortiProxy - Authorization bypass in SSLVPN bookmarks
CVE-2023-36554 FortiWLM MEA for FortiManager - Improper access control in backup and restore features