CVE-2023-48788: Pervasive SQL injection in DAS component
First published: Tue Mar 12 2024(Updated: )
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiClient Enterprise Management Server | >=7.0.1<=7.0.10 | |
| Fortinet FortiClient Enterprise Management Server | >=7.2.0<=7.2.2 | |
| Fortinet FortiClient EMS | ||
| Fortinet FortiClientEMS | >=7.2.0<=7.2.2 | |
| Fortinet FortiClientEMS | >=7.0.1<=7.0.10 |
Remedy
Please upgrade to FortiClientEMS version 7.2.3 or above Please upgrade to FortiClientEMS version 7.0.11 or above
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.theregister.com/2024/03/13/patch_tuesday_march_2024/
- https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-bug-in-endpoint-management-software/
- https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
- https://fortiguard.com/psirt/FG-IR-24-007
- https://www.bleepingcomputer.com/news/security/exploit-released-for-fortinet-rce-bug-used-in-attacks-patch-now/
- https://www.fortiguard.com/psirt/FG-IR-24-007
- https://www.fortiguard.com/psirt/cvrf/FG-IR-24-007
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- agent/type
- agent/author
- collector/the-register
- source/The Register
- alias/CVE-2024-21407
- alias/CVE-2024-21408
- alias/CVE-2024-21334
- alias/CVE-2024-21400
- alias/CVE-2023-32666
- alias/CVE-2023-32282
- alias/CVE-2024-2193
- alias/CVE-2023-20214
- alias/CVE-2024-20337
- alias/CVE-2024-0039
- alias/CVE-2024-23717
- alias/CVE-2023-42789
- alias/CVE-2023-42790
- alias/CVE-2023-48788
- alias/CVE-2023-47534
- alias/CVE-2023-36554
- alias/CVE-2024-23112
- alias/CVE-2023-46717
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-21762
- alias/CVE-2022-42475
- alias/CVE-2023-27997
- alias/CVE-2022-40684
- agent/weakness
- collector/mitre-cve
- source/MITRE
- zeroday/true
- agent/news-ai
- agent/remedy
- agent/severity
- agent/references
- agent/title
- agent/first-publish-date
- agent/description
- agent/event
- collector/fortiguard-psirt
- source/FortiGuard
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- vendor/fortinet
- canonical/fortinet forticlientems
- version/fortinet forticlientems/7.2.0
- version/fortinet forticlientems/7.2.2
- version/fortinet forticlientems/7.0.1
- version/fortinet forticlientems/7.0.10
- canonical/fortinet forticlient enterprise management server
- version/fortinet forticlient enterprise management server/7.0.1
- version/fortinet forticlient enterprise management server/7.0.10
- version/fortinet forticlient enterprise management server/7.2.0
- version/fortinet forticlient enterprise management server/7.2.2
- canonical/fortinet forticlient ems