Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
By Sigmateq Team
Published On December 20, 2024
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted data packets.| Fortinet EMS Vulnerability
