CSO Online

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.
Bleeping Computer

Exploit released for Fortinet RCE bug used in attacks, patch now

Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited ...
Infosecurity-magazine.com

Fortinet Patches Critical Bug in FortiClient EMS

Fortinet has patched a critical SQL injection vulnerability in its endpoint management software which could enable remote code execution (RCE) on targeted servers. CVE-2023-48788 affects ...